diff --git a/bitnami/acmesolver/1/debian-11/Dockerfile b/bitnami/acmesolver/1/debian-11/Dockerfile deleted file mode 100644 index 718eb4d17513..000000000000 --- a/bitnami/acmesolver/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T20:55:45Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.14.2-debian-11-r18" \ - org.opencontainers.image.title="acmesolver" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.14.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "acmesolver-1.14.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.14.2" \ - BITNAMI_APP_NAME="acmesolver" \ - PATH="/opt/bitnami/acmesolver/bin:$PATH" - -WORKDIR /opt/bitnami/acmesolver -USER 1001 -ENTRYPOINT [ "/opt/bitnami/acmesolver/bin/acmesolver" ] diff --git a/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index bacf77c41a85..000000000000 --- a/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "acmesolver": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.14.2-1" - } -} \ No newline at end of file diff --git a/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/acmesolver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/acmesolver/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/acmesolver/1/debian-11/tags-info.yaml b/bitnami/acmesolver/1/debian-11/tags-info.yaml deleted file mode 100644 index 0df37b435b01..000000000000 --- a/bitnami/acmesolver/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.14.2 -- latest diff --git a/bitnami/airflow-exporter/0/debian-11/Dockerfile b/bitnami/airflow-exporter/0/debian-11/Dockerfile deleted file mode 100644 index fea08b4576b5..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T20:59:41Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.20220314.0-debian-11-r467" \ - org.opencontainers.image.title="airflow-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.20220314.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "airflow-exporter-0.20220314.0-174-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.20220314.0" \ - BITNAMI_APP_NAME="airflow-exporter" \ - PATH="/opt/bitnami/airflow-exporter/bin:$PATH" - -EXPOSE 9112 - -WORKDIR /opt/bitnami/airflow-exporter -USER 1001 -ENTRYPOINT [ "airflow-prometheus-exporter" ] diff --git a/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c87a6424bb81..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "airflow-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.20220314.0-174" - } -} \ No newline at end of file diff --git a/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/airflow-exporter/0/debian-11/tags-info.yaml b/bitnami/airflow-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index c4ce94708627..000000000000 --- a/bitnami/airflow-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.20220314.0 -- latest diff --git a/bitnami/airflow-scheduler/2/debian-11/Dockerfile b/bitnami/airflow-scheduler/2/debian-11/Dockerfile deleted file mode 100644 index 8dcf3fae1338..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/Dockerfile +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:28:59Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.8.1-debian-11-r28" \ - org.opencontainers.image.title="airflow-scheduler" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.8.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl krb5-user libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libedit2 libffi7 libgcc-s1 libgmp10 libgnutls30 libgss-dev libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5-dev libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libmariadb3 libmd0 libncursesw6 libnettle8 libnsl2 libp11-kit0 libreadline8 libsasl2-2 libsasl2-modules libsqlite3-0 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 locales netbase procps tzdata zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "postgresql-client-16.2.0-0-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "airflow-scheduler-2.8.1-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN mkdir /.local && chmod g+rwX /.local - -COPY rootfs / -RUN /opt/bitnami/scripts/airflow-scheduler/postunpack.sh -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -ENV AIRFLOW_HOME="/opt/bitnami/airflow" \ - APP_VERSION="2.8.1" \ - BITNAMI_APP_NAME="airflow-scheduler" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - LD_LIBRARY_PATH="/opt/bitnami/airflow/venv/lib/python3.8/site-packages/numpy.libs:/opt/bitnami/python/lib:$LD_LIBRARY_PATH" \ - LIBNSS_WRAPPER_PATH="/opt/bitnami/common/lib/libnss_wrapper.so" \ - LNAME="airflow" \ - NSS_WRAPPER_GROUP="/opt/bitnami/airflow/nss_group" \ - NSS_WRAPPER_PASSWD="/opt/bitnami/airflow/nss_passwd" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/python/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/airflow/venv/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/airflow-scheduler/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/airflow-scheduler/run.sh" ] diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e3cecc2dde94..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "airflow-scheduler": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.8.1-4" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "postgresql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.2.0-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler-env.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler-env.sh deleted file mode 100644 index 54b8bdd378fa..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler-env.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for airflow-scheduler - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-airflow-scheduler}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -airflow_scheduler_env_vars=( - AIRFLOW_EXECUTOR - AIRFLOW_RAW_FERNET_KEY - AIRFLOW_FERNET_KEY - AIRFLOW_SECRET_KEY - AIRFLOW_WEBSERVER_HOST - AIRFLOW_WEBSERVER_PORT_NUMBER - AIRFLOW_LOAD_EXAMPLES - AIRFLOW_HOSTNAME_CALLABLE - AIRFLOW_DATABASE_HOST - AIRFLOW_DATABASE_PORT_NUMBER - AIRFLOW_DATABASE_NAME - AIRFLOW_DATABASE_USERNAME - AIRFLOW_DATABASE_PASSWORD - AIRFLOW_DATABASE_USE_SSL - AIRFLOW_REDIS_USE_SSL - REDIS_HOST - REDIS_PORT_NUMBER - REDIS_USER - REDIS_PASSWORD - REDIS_DATABASE -) -for env_var in "${airflow_scheduler_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset airflow_scheduler_env_vars - -# Airflow paths -export AIRFLOW_BASE_DIR="${BITNAMI_ROOT_DIR}/airflow" -export AIRFLOW_HOME="${AIRFLOW_BASE_DIR}" -export AIRFLOW_BIN_DIR="${AIRFLOW_BASE_DIR}/venv/bin" -export AIRFLOW_LOGS_DIR="${AIRFLOW_BASE_DIR}/logs" -export AIRFLOW_SCHEDULER_LOGS_DIR="${AIRFLOW_LOGS_DIR}/scheduler" -export AIRFLOW_LOG_FILE="${AIRFLOW_LOGS_DIR}/airflow-scheduler.log" -export AIRFLOW_CONF_FILE="${AIRFLOW_BASE_DIR}/airflow.cfg" -export AIRFLOW_TMP_DIR="${AIRFLOW_BASE_DIR}/tmp" -export AIRFLOW_PID_FILE="${AIRFLOW_TMP_DIR}/airflow-scheduler.pid" -export AIRFLOW_DAGS_DIR="${AIRFLOW_BASE_DIR}/dags" -export PATH="${AIRFLOW_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export AIRFLOW_DAEMON_USER="airflow" -export AIRFLOW_DAEMON_GROUP="airflow" - -# Airflow configuration -export AIRFLOW_EXECUTOR="${AIRFLOW_EXECUTOR:-SequentialExecutor}" -export AIRFLOW_RAW_FERNET_KEY="${AIRFLOW_RAW_FERNET_KEY:-}" -export AIRFLOW_FERNET_KEY="${AIRFLOW_FERNET_KEY:-}" -export AIRFLOW_SECRET_KEY="${AIRFLOW_SECRET_KEY:-}" -export AIRFLOW_WEBSERVER_HOST="${AIRFLOW_WEBSERVER_HOST:-127.0.0.1}" -export AIRFLOW_WEBSERVER_PORT_NUMBER="${AIRFLOW_WEBSERVER_PORT_NUMBER:-8080}" -export AIRFLOW_LOAD_EXAMPLES="${AIRFLOW_LOAD_EXAMPLES:-yes}" -export AIRFLOW_HOSTNAME_CALLABLE="${AIRFLOW_HOSTNAME_CALLABLE:-}" - -# Airflow database configuration -export AIRFLOW_DATABASE_HOST="${AIRFLOW_DATABASE_HOST:-postgresql}" -export AIRFLOW_DATABASE_PORT_NUMBER="${AIRFLOW_DATABASE_PORT_NUMBER:-5432}" -export AIRFLOW_DATABASE_NAME="${AIRFLOW_DATABASE_NAME:-bitnami_airflow}" -export AIRFLOW_DATABASE_USERNAME="${AIRFLOW_DATABASE_USERNAME:-bn_airflow}" -export AIRFLOW_DATABASE_PASSWORD="${AIRFLOW_DATABASE_PASSWORD:-}" -export AIRFLOW_DATABASE_USE_SSL="${AIRFLOW_DATABASE_USE_SSL:-no}" -export AIRFLOW_REDIS_USE_SSL="${AIRFLOW_REDIS_USE_SSL:-no}" -export REDIS_HOST="${REDIS_HOST:-redis}" -export REDIS_PORT_NUMBER="${REDIS_PORT_NUMBER:-6379}" -export REDIS_USER="${REDIS_USER:-}" -export REDIS_PASSWORD="${REDIS_PASSWORD:-}" -export REDIS_DATABASE="${REDIS_DATABASE:-1}" - -# Custom environment variables may be defined below diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/entrypoint.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/entrypoint.sh deleted file mode 100755 index 78dc088ce131..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/entrypoint.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-scheduler-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libairflowscheduler.sh - -print_welcome_page - -if ! am_i_root && [[ -e "$LIBNSS_WRAPPER_PATH" ]]; then - info "Enabling non-root system user with nss_wrapper" - echo "airflow:x:$(id -u):$(id -g):Airflow:$AIRFLOW_HOME:/bin/false" > "$NSS_WRAPPER_PASSWD" - echo "airflow:x:$(id -g):" > "$NSS_WRAPPER_GROUP" - - export LD_PRELOAD="$LIBNSS_WRAPPER_PATH" - export HOME="$AIRFLOW_HOME" -fi - -# Install custom python package if requirements.txt is present -if [[ -f "/bitnami/python/requirements.txt" ]]; then - . /opt/bitnami/airflow/venv/bin/activate - pip install -r /bitnami/python/requirements.txt - deactivate -fi - -if [[ "$*" = *"/opt/bitnami/scripts/airflow-scheduler/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Airflow setup **" - /opt/bitnami/scripts/airflow-scheduler/setup.sh - info "** Airflow setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/postunpack.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/postunpack.sh deleted file mode 100755 index a072fc965d6c..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/postunpack.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-scheduler-env.sh - -# Load libraries -. /opt/bitnami/scripts/libairflowscheduler.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -ensure_dir_exists "$AIRFLOW_BASE_DIR" -# Ensure the needed directories exist with write permissions -for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -g "root" -done - -chmod -R g+rwX "$AIRFLOW_BASE_DIR" diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/run.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/run.sh deleted file mode 100755 index 8c89bdacad58..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-scheduler-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libairflowscheduler.sh - -args=("--pid" "$AIRFLOW_PID_FILE" "$@") - -info "** Starting Airflow **" -if am_i_root; then - exec_as_user "$AIRFLOW_DAEMON_USER" "${AIRFLOW_BIN_DIR}/airflow" "scheduler" "${args[@]}" -else - exec "${AIRFLOW_BIN_DIR}/airflow" "scheduler" "${args[@]}" -fi diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/setup.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/setup.sh deleted file mode 100755 index 95011ea642a7..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/airflow-scheduler/setup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-scheduler-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libairflowscheduler.sh - - -# Ensure Airflow environment variables settings are valid -airflow_scheduler_validate -# Ensure Airflow daemon user exists when running as root -am_i_root && ensure_user_exists "$AIRFLOW_DAEMON_USER" --group "$AIRFLOW_DAEMON_GROUP" -# Ensure Airflow is initialized -airflow_scheduler_initialize diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh deleted file mode 100644 index b21d4cb26ed7..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh +++ /dev/null @@ -1,552 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Bitnami Airflow library - -# shellcheck disable=SC1091,SC2153 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then - . /opt/bitnami/scripts/libpostgresqlclient.sh -elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then - . /opt/bitnami/scripts/libpostgresql.sh -fi - -# Functions - -######################## -# Validate Airflow inputs -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -airflow_validate() { - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Check postgresql host - [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST" - - # Check LDAP parameters - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - [[ -z "$AIRFLOW_LDAP_URI" ]] && print_validation_error "Missing AIRFLOW_LDAP_URI" - [[ -z "$AIRFLOW_LDAP_SEARCH" ]] && print_validation_error "Missing AIRFLOW_LDAP_SEARCH" - [[ -z "$AIRFLOW_LDAP_UID_FIELD" ]] && print_validation_error "Missing AIRFLOW_LDAP_UID_FIELD" - [[ -z "$AIRFLOW_LDAP_BIND_USER" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_USER" - [[ -z "$AIRFLOW_LDAP_BIND_PASSWORD" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_PASSWORD" - [[ -z "$AIRFLOW_LDAP_ROLES_MAPPING" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_MAPPING" - [[ -z "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION_ROLE" - - # Chack boolean env vars contain valid values - for var in "AIRFLOW_LDAP_USER_REGISTRATION" "AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" "AIRFLOW_LDAP_USE_TLS"; do - check_multi_value "$var" "True False" - done - - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - [[ -z "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" ]] && print_validation_error "Missing AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - [[ -z "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" ]] && print_validation_error "Missing AIRFLOW_LDAP_TLS_CA_CERTIFICATE" - fi - - fi - - # Check pool parameters - if [[ -n "$AIRFLOW_POOL_NAME" ]]; then - [[ -z "$AIRFLOW_POOL_DESC" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_DESC" - [[ -z "$AIRFLOW_POOL_SIZE" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_SIZE" - fi - - # Check cryptography parameters - if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then - local fernet_char_count - fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")" - if [[ "$fernet_char_count" -lt 32 ]]; then - print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters" - elif [[ "$fernet_char_count" -gt 32 ]]; then - warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored" - fi - AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)" - fi - - return "$error_code" -} - -######################## -# Ensure Airflow is initialized -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_initialize() { - info "Initializing Airflow ..." - - # Change permissions if running as root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # The configuration file is not persisted. If it is not provided, generate it based on env vars - if [[ ! -f "$AIRFLOW_CONF_FILE" ]]; then - info "No injected configuration file found. Creating default config file" - airflow_generate_config - else - info "Configuration file found, loading configuration" - fi - - info "Trying to connect to the database server" - airflow_wait_for_postgresql_connection - # Check if the Airflow database has been already initialized - if ! airflow_execute db check-migrations; then - # Delete pid file - rm -f "$AIRFLOW_PID_FILE" - - # Initialize database - info "Populating database" - airflow_execute db init - - airflow_create_admin_user - airflow_create_pool - else - # Upgrade database - info "Upgrading database schema" - airflow_execute db upgrade - true # Avoid return false when I am not root - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments and print result to stdout/stderr -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute_print_output() { - # Run as web server user to avoid having to change permissions/ownership afterwards - if am_i_root; then - run_as_user "$AIRFLOW_DAEMON_USER" airflow "$@" - else - airflow "$@" - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute() { - debug_execute airflow_execute_print_output "$@" -} - -######################## -# Generate Airflow conf file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_generate_config() { - # Create Airflow confirguration from default files - [[ ! -f "$AIRFLOW_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_airflow.cfg)" "$AIRFLOW_CONF_FILE" - [[ -n "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && [[ ! -f "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_webserver_config.py)" "$AIRFLOW_WEBSERVER_CONF_FILE" - - # Setup Airflow base URL - airflow_configure_base_url - # Configure Airflow Hostname - [[ -n "$AIRFLOW_HOSTNAME_CALLABLE" ]] && airflow_conf_set "core" "hostname_callable" "$AIRFLOW_HOSTNAME_CALLABLE" - # Configure Airflow webserver authentication - airflow_configure_webserver_authentication - # Configure Airflow to load examples - if is_boolean_yes "$AIRFLOW_LOAD_EXAMPLES"; then - airflow_conf_set "core" "load_examples" "True" - else - airflow_conf_set "core" "load_examples" "False" - fi - # Configure Airflow database - airflow_configure_database - - # Configure the Webserver port - airflow_conf_set "webserver" "web_server_port" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - - # Setup the secret keys for database connection and flask application (fernet key and secret key) - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#fernet-key - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key - [[ -n "$AIRFLOW_FERNET_KEY" ]] && airflow_conf_set "core" "fernet_key" "$AIRFLOW_FERNET_KEY" - [[ -n "$AIRFLOW_SECRET_KEY" ]] && airflow_conf_set "webserver" "secret_key" "$AIRFLOW_SECRET_KEY" - - # Configure Airflow executor - airflow_conf_set "core" "executor" "$AIRFLOW_EXECUTOR" - [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]] && airflow_configure_celery_executor - true # Avoid the function to fail due to the check above -} - -######################## -# Set property on the Airflow configuration file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_conf_set() { - local -r section="${1:?section is required}" - local -r key="${2:?key is required}" - local -r value="${3:?value is required}" - local -r file="${4:-${AIRFLOW_CONF_FILE}}" - - ini-file set --section "$section" --key "$key" --value "$value" "$file" -} - -######################## -# Configure Airflow base url -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_base_url() { - if [[ -z "$AIRFLOW_BASE_URL" ]]; then - airflow_conf_set "webserver" "base_url" "http://${AIRFLOW_WEBSERVER_HOST}:${AIRFLOW_WEBSERVER_PORT_NUMBER}" - else - airflow_conf_set "webserver" "base_url" "$AIRFLOW_BASE_URL" - fi -} - -######################## -# Configure Airflow webserver authentication -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_webserver_authentication() { - info "Configuring Airflow webserver authentication" - airflow_conf_set "webserver" "rbac" "true" - - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - info "Enabling LDAP authentication" - # Based on PR https://github.com/apache/airflow/pull/16647 - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "# from airflow.www.fab_security.manager import AUTH_LDAP" "from airflow.www.fab_security.manager import AUTH_LDAP" - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "from airflow.www.fab_security.manager import AUTH_DB" "# from airflow.www.fab_security.manager import AUTH_DB" - - # webserver config - airflow_webserver_conf_set "AUTH_TYPE" "AUTH_LDAP" - airflow_webserver_conf_set "AUTH_LDAP_SERVER" "$AIRFLOW_LDAP_URI" "yes" - - # searches - airflow_webserver_conf_set "AUTH_LDAP_SEARCH" "$AIRFLOW_LDAP_SEARCH" "yes" - airflow_webserver_conf_set "AUTH_LDAP_UID_FIELD" "$AIRFLOW_LDAP_UID_FIELD" "yes" - - # Special account for searches - airflow_webserver_conf_set "AUTH_LDAP_BIND_USER" "$AIRFLOW_LDAP_BIND_USER" "yes" - airflow_webserver_conf_set "AUTH_LDAP_BIND_PASSWORD" "$AIRFLOW_LDAP_BIND_PASSWORD" "yes" - - # User self registration - airflow_webserver_conf_set "AUTH_USER_REGISTRATION" "$AIRFLOW_LDAP_USER_REGISTRATION" - airflow_webserver_conf_set "AUTH_USER_REGISTRATION_ROLE" "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" "yes" - - # Mapping from LDAP DN to list of FAB roles - airflow_webserver_conf_set "AUTH_ROLES_MAPPING" "$AIRFLOW_LDAP_ROLES_MAPPING" - - # Replace user's roles at login - airflow_webserver_conf_set "AUTH_ROLES_SYNC_AT_LOGIN" "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - - # Allowing/Denying of self signed certs for StartTLS OR SSL ldaps:// connections - airflow_webserver_conf_set "AUTH_LDAP_ALLOW_SELF_SIGNED" "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - - # If StartTLS supply cert - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - airflow_webserver_conf_set "AUTH_LDAP_TLS_CACERTFILE" "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" "yes" - fi - fi -} - -######################## -# Set properties in Airflow's webserver_config.py -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_webserver_conf_set() { - local -r key="${1:?missing key}" - local -r value="${2:?missing key}" - local -r is_literal="${3:-no}" - shift 2 - - local -r file="$AIRFLOW_WEBSERVER_CONF_FILE" - # Check if the value was set before - if grep -q "^#*\\s*${key} =.*$" "$file"; then - local entry - is_boolean_yes "$is_literal" && entry="${key} = '${value}'" || entry="${key} = ${value}" - # Update the existing key - replace_in_file "$file" "^#*\\s*${key} =.*$" "$entry" false - else - # Add a new key - local new_value="$value" - is_boolean_yes "$is_literal" && new_value="'${value}'" - printf '\n%s = %s' "$key" "$new_value" >>"$file" - fi -} - -######################## -# Configure Airflow database -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_database() { - local -r user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && extra_options="?sslmode=require" - - info "Configuring Airflow database" - airflow_conf_set "database" "sql_alchemy_conn" "postgresql+psycopg2://${user}:${password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${extra_options:-}" -} - -######################## -# Return URL encoded string in the airflow conf format -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_encode_url() { - local -r url="${1?Missing url}" - - urlencode() { - old_lc_collate="${LC_COLLATE:-}" - LC_COLLATE=C - - local length="${#1}" - for ((i = 0; i < length; i++)); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE="$old_lc_collate" - } - - local -r url_encoded=$(urlencode "$url") - # Replace % by %% - echo "${url_encoded//\%/\%\%}" -} - -######################## -# Configure Airflow celery executor -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_celery_executor() { - info "Configuring Celery Executor" - - # Configure celery Redis url - local -r redis_user=$(airflow_encode_url "$REDIS_USER") - local -r redis_password=$(airflow_encode_url "$REDIS_PASSWORD") - airflow_conf_set "celery" "broker_url" "redis://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "broker_url" "rediss://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "redis_backend_use_ssl" "true" - - # Configure celery backend - local -r database_user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r database_password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local database_extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && database_extra_options="?sslmode=require" - airflow_conf_set "celery" "result_backend" "db+postgresql://${database_user}:${database_password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${database_extra_options:-}" -} - -######################## -# Wait until the database is accessible -# Globals: -# None -# Arguments: -# None -# Returns: -# true if the database connection succeeded, false otherwise -######################### -airflow_wait_for_postgresql_connection() { - if ! retry_while "airflow_execute db check"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Airflow create admin user -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_admin_user() { - info "Creating Airflow admin user" - airflow_execute users create -r "Admin" -u "$AIRFLOW_USERNAME" -e "$AIRFLOW_EMAIL" -p "$AIRFLOW_PASSWORD" -f "$AIRFLOW_FIRSTNAME" -l "$AIRFLOW_LASTNAME" -} - -######################## -# Airflow create pool -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_pool() { - if [[ -n "$AIRFLOW_POOL_NAME" ]] && [[ -n "$AIRFLOW_POOL_SIZE" ]] && [[ -n "$AIRFLOW_POOL_DESC" ]]; then - info "Creating Airflow pool" - airflow_execute pool -s "$AIRFLOW_POOL_NAME" "$AIRFLOW_POOL_SIZE" "$AIRFLOW_POOL_DESC" - fi -} - -######################## -# Check if Airflow is running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is running -######################## -is_airflow_running() { - local pid - pid="$(get_pid_from_file "$AIRFLOW_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Airflow is not running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is not running -######################## -is_airflow_not_running() { - ! is_airflow_running -} - -######################## -# Stop Airflow -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_stop() { - info "Stopping Airflow..." - stop_service_using_pid "$AIRFLOW_PID_FILE" -} - -######################## -# Check if airflow-exporter is running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is running -######################## -is_airflow_exporter_running() { - # airflow-exporter does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "airflow-prometheus-exporter" | head -n 1 > "$AIRFLOW_EXPORTER_PID_FILE" - - local pid - pid="$(get_pid_from_file "$AIRFLOW_EXPORTER_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if airflow-exporter is not running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is not running -######################## -is_airflow_exporter_not_running() { - ! is_airflow_exporter_running -} - -######################## -# Stop airflow-exporter -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_exporter_stop() { - info "Stopping airflow-exporter..." - stop_service_using_pid "$AIRFLOW_EXPORTER_PID_FILE" -} diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflowscheduler.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflowscheduler.sh deleted file mode 100644 index b6a05f365536..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libairflowscheduler.sh +++ /dev/null @@ -1,155 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Bitnami Airflow library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -# Load airflow library -. /opt/bitnami/scripts/libairflow.sh - -######################## -# Validate Airflow Scheduler inputs -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_scheduler_validate() { - # Check webserver host - [[ -z "$AIRFLOW_WEBSERVER_HOST" ]] && print_validation_error "Missing AIRFLOW_WEBSERVER_HOST" - [[ -z "$AIRFLOW_WEBSERVER_PORT_NUMBER" ]] && print_validation_error "Missing AIRFLOW_WEBSERVER_PORT_NUMBER" - # Check postgresql host - [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST" - - # Check cryptography parameters - if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then - local fernet_char_count - fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")" - if [[ "$fernet_char_count" -lt 32 ]]; then - print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters" - elif [[ "$fernet_char_count" -gt 32 ]]; then - warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored" - fi - AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)" - fi - - # Avoid to fail because of the above check - true -} - -######################## -# Ensure Airflow Scheduler is initialized -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_scheduler_initialize() { - # Change permissions if running as root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_SCHEDULER_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # The configuration file is not persisted. If it is not provided, generate it based on env vars - if [[ ! -f "$AIRFLOW_CONF_FILE" ]]; then - info "No injected configuration file found. Creating default config file" - airflow_scheduler_generate_config - else - info "Configuration file found, loading configuration" - fi - - info "Trying to connect to the database server" - airflow_wait_for_postgresql_connection - # Change the permissions after restoring the persisted data in case we are root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # Wait for airflow webserver to be available - info "Waiting for Airflow Webserver to be up" - airflow_scheduler_wait_for_webserver "$AIRFLOW_WEBSERVER_HOST" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - if [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]]; then - wait-for-port --host "$REDIS_HOST" "$REDIS_PORT_NUMBER" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Generate Airflow Scheduler conf file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_scheduler_generate_config() { - # Generate Airflow default files - debug_execute airflow version - - # Configure Airflow Hostname - [[ -n "$AIRFLOW_HOSTNAME_CALLABLE" ]] && airflow_conf_set "core" "hostname_callable" "$AIRFLOW_HOSTNAME_CALLABLE" - # Configure Airflow to load examples - if is_boolean_yes "$AIRFLOW_LOAD_EXAMPLES"; then - airflow_conf_set "core" "load_examples" "True" - else - airflow_conf_set "core" "load_examples" "False" - fi - - # Configure Airflow database - airflow_configure_database - - # Configure the Webserver port - airflow_conf_set "webserver" "web_server_port" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - - # Setup the secret keys for database connection and flask application (fernet key and secret key) - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#fernet-key - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key - [[ -n "$AIRFLOW_FERNET_KEY" ]] && airflow_conf_set "core" "fernet_key" "$AIRFLOW_FERNET_KEY" - [[ -n "$AIRFLOW_SECRET_KEY" ]] && airflow_conf_set "webserver" "secret_key" "$AIRFLOW_SECRET_KEY" - - # Configure Airflow executor - airflow_conf_set "core" "executor" "$AIRFLOW_EXECUTOR" - [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]] && airflow_configure_celery_executor - true # Avoid the function to fail due to the check above -} - -######################## -# Wait Ariflow webserver -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_scheduler_wait_for_webserver() { - local -r webserver_host="${1:?missing database host}" - local -r webserver_port="${2:?missing database port}" - check_webserver_connection() { - wait-for-port --host "$webserver_host" "$webserver_port" - } - if ! retry_while "check_webserver_connection"; then - error "Could not connect to the Airflow webserver" - return 1 - fi -} diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh deleted file mode 100644 index 0c921ff1d2ef..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh +++ /dev/null @@ -1,424 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PostgreSQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in POSTGRESQL_CLIENT_* environment variables -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_validate() { - info "Validating settings in POSTGRESQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - # Only validate environment variables if any action needs to be performed - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - fi - # When enabling extensions, the DB name must be provided - local -a extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then - print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set." - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_initialize() { - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - info "Trying to connect to the database server" - check_postgresql_connection() { - echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - } - if ! retry_while "check_postgresql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then - info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}" - local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD") - postgresql_ensure_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ "${#database_names[@]}" -gt 0 ]]; then - local -a createdb_args extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - for database_name in "${database_names[@]}"; do - info "Creating database ${database_name}" - createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME") - postgresql_ensure_database_exists "${createdb_args[@]}" - # Ensure the list of extensions are enabled in the specified database - if [[ "${#extensions[@]}" -gt 0 ]]; then - for extension_to_create in "${extensions[@]}"; do - echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - done - fi - done - fi - # Execute a custom SQL script - if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then - info "Executing custom SQL script" - echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - # Avoid exit code of previous commands to affect the result of this function - true -} - -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC2148 - -######################## -# Return PostgreSQL major version -# Globals: -# POSTGRESQL_* -# Arguments: -# None -# Returns: -# String -######################### -postgresql_get_major_version() { - psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+" -} - -######################## -# Gets an environment variable name based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var_value() { - local env_var_suffix="${1:?missing suffix}" - local env_var_name - for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do - env_var_name="${env_var_prefix}_${env_var_suffix}" - if [[ -n "${!env_var_name:-}" ]]; then - echo "${!env_var_name}" - break - fi - done -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service and print the output -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-postgres}" - local -r pass="${3:-}" - local opts - read -r -a opts <<<"${@:4}" - - local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}") - [[ -n "$db" ]] && args+=("-d" "$db") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - - # Execute the Query/queries from stdin - PGPASSWORD=$pass psql "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" 2>/dev/null - else - "postgresql_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute_print_output() { - local -r hostname="${1:?hostname is required}" - local -r port="${2:?port is required}" - local -a args=("-h" "$hostname" "-p" "$port") - shift 2 - "postgresql_execute_print_output" "$@" "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" 2>/dev/null - else - "postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Optionally create the given database user -# Flags: -# -p|--password - database password -# --host - database host -# --port - database port -# Arguments: -# $1 - user -# Returns: -# None -######################### -postgresql_ensure_user_exists() { - local -r user="${1:?user is missing}" - local password="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p | --password) - shift - password="${1:?missing password}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh deleted file mode 100644 index ddd1f09d06fd..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for postgresql-client - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-postgresql-client}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -postgresql_client_env_vars=( - ALLOW_EMPTY_PASSWORD - POSTGRESQL_CLIENT_DATABASE_HOST - POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER - POSTGRESQL_CLIENT_POSTGRES_USER - POSTGRESQL_CLIENT_POSTGRES_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES - POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME - POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS - POSTGRESQL_CLIENT_EXECUTE_SQL - POSTGRESQL_HOST - POSTGRESQL_PORT_NUMBER - POSTGRESQL_CLIENT_ROOT_USER - POSTGRESQL_POSTGRES_USER - POSTGRESQL_ROOT_USER - POSTGRESQL_CLIENT_ROOT_PASSWORD - POSTGRESQL_POSTGRES_PASSWORD - POSTGRESQL_ROOT_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAME - POSTGRESQL_CLIENT_CREATE_DATABASE_USER -) -for env_var in "${postgresql_client_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset postgresql_client_env_vars - -# Paths -export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql" -export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin" -export PATH="${POSTGRESQL_BIN_DIR}:${PATH}" - -# PostgreSQL settings -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}" -export POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-postgresql}" -POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}" -export POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-5432}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_CLIENT_ROOT_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_POSTGRES_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_ROOT_USER:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-postgres}" # only used during the first initialization -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_CLIENT_ROOT_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_POSTGRES_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_ROOT_PASSWORD:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_NAME:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_USER:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD="${POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS="${POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_EXECUTE_SQL="${POSTGRESQL_CLIENT_EXECUTE_SQL:-}" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh b/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh deleted file mode 100755 index ff786a6f712b..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libpostgresqlclient.sh - -# Load PostgreSQL Client environment variables -. /opt/bitnami/scripts/postgresql-client-env.sh - -# Ensure PostgreSQL Client environment variables settings are valid -postgresql_client_validate -# Ensure PostgreSQL Client is initialized -postgresql_client_initialize diff --git a/bitnami/airflow-scheduler/2/debian-11/tags-info.yaml b/bitnami/airflow-scheduler/2/debian-11/tags-info.yaml deleted file mode 100644 index bd9d3572b884..000000000000 --- a/bitnami/airflow-scheduler/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.8.1 -- latest diff --git a/bitnami/airflow-worker/2/debian-11/Dockerfile b/bitnami/airflow-worker/2/debian-11/Dockerfile deleted file mode 100644 index e5da48cf3188..000000000000 --- a/bitnami/airflow-worker/2/debian-11/Dockerfile +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:29:30Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.8.1-debian-11-r29" \ - org.opencontainers.image.title="airflow-worker" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.8.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git krb5-user libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libedit2 libffi7 libgcc-s1 libgmp10 libgnutls30 libgss-dev libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5-dev libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libmariadb3 libmd0 libncursesw6 libnettle8 libnsl2 libp11-kit0 libreadline8 libsasl2-2 libsasl2-modules libsqlite3-0 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 locales netbase procps tzdata zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "postgresql-client-16.2.0-0-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "airflow-worker-2.8.1-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN mkdir /.local && chmod g+rwX /.local - -COPY rootfs / -RUN /opt/bitnami/scripts/airflow-worker/postunpack.sh -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -ENV AIRFLOW_HOME="/opt/bitnami/airflow" \ - APP_VERSION="2.8.1" \ - BITNAMI_APP_NAME="airflow-worker" \ - C_FORCE_ROOT="True" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - LD_LIBRARY_PATH="/opt/bitnami/airflow/venv/lib/python3.8/site-packages/numpy.libs:/opt/bitnami/python/lib:$LD_LIBRARY_PATH" \ - LIBNSS_WRAPPER_PATH="/opt/bitnami/common/lib/libnss_wrapper.so" \ - LNAME="airflow" \ - NSS_WRAPPER_GROUP="/opt/bitnami/airflow/nss_group" \ - NSS_WRAPPER_PASSWD="/opt/bitnami/airflow/nss_passwd" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/python/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/airflow/venv/bin:$PATH" - -EXPOSE 8793 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/airflow-worker/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/airflow-worker/run.sh" ] diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 99e7f0870bb6..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "airflow-worker": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.8.1-4" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "postgresql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.2.0-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/airflow-worker/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh deleted file mode 100644 index dc78dce44e75..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker-env.sh +++ /dev/null @@ -1,101 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for airflow-worker - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-airflow-worker}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -airflow_worker_env_vars=( - AIRFLOW_EXECUTOR - AIRFLOW_RAW_FERNET_KEY - AIRFLOW_FERNET_KEY - AIRFLOW_SECRET_KEY - AIRFLOW_WEBSERVER_HOST - AIRFLOW_WEBSERVER_PORT_NUMBER - AIRFLOW_HOSTNAME_CALLABLE - AIRFLOW_QUEUE - AIRFLOW_DATABASE_HOST - AIRFLOW_DATABASE_PORT_NUMBER - AIRFLOW_DATABASE_NAME - AIRFLOW_DATABASE_USERNAME - AIRFLOW_DATABASE_PASSWORD - AIRFLOW_DATABASE_USE_SSL - AIRFLOW_REDIS_USE_SSL - REDIS_HOST - REDIS_PORT_NUMBER - REDIS_USER - REDIS_PASSWORD - REDIS_DATABASE -) -for env_var in "${airflow_worker_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset airflow_worker_env_vars - -# Airflow paths -export AIRFLOW_BASE_DIR="${BITNAMI_ROOT_DIR}/airflow" -export AIRFLOW_HOME="${AIRFLOW_BASE_DIR}" -export AIRFLOW_BIN_DIR="${AIRFLOW_BASE_DIR}/venv/bin" -export AIRFLOW_LOGS_DIR="${AIRFLOW_BASE_DIR}/logs" -export AIRFLOW_LOG_FILE="${AIRFLOW_LOGS_DIR}/airflow-worker.log" -export AIRFLOW_CONF_FILE="${AIRFLOW_BASE_DIR}/airflow.cfg" -export AIRFLOW_TMP_DIR="${AIRFLOW_BASE_DIR}/tmp" -export AIRFLOW_PID_FILE="${AIRFLOW_TMP_DIR}/airflow-worker.pid" -export AIRFLOW_DAGS_DIR="${AIRFLOW_BASE_DIR}/dags" -export PATH="${AIRFLOW_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export AIRFLOW_DAEMON_USER="airflow" -export AIRFLOW_DAEMON_GROUP="airflow" - -# Airflow configuration -export AIRFLOW_EXECUTOR="${AIRFLOW_EXECUTOR:-SequentialExecutor}" -export AIRFLOW_RAW_FERNET_KEY="${AIRFLOW_RAW_FERNET_KEY:-}" -export AIRFLOW_FERNET_KEY="${AIRFLOW_FERNET_KEY:-}" -export AIRFLOW_SECRET_KEY="${AIRFLOW_SECRET_KEY:-}" -export AIRFLOW_WEBSERVER_HOST="${AIRFLOW_WEBSERVER_HOST:-127.0.0.1}" -export AIRFLOW_WEBSERVER_PORT_NUMBER="${AIRFLOW_WEBSERVER_PORT_NUMBER:-8080}" -export AIRFLOW_HOSTNAME_CALLABLE="${AIRFLOW_HOSTNAME_CALLABLE:-}" -export AIRFLOW_QUEUE="${AIRFLOW_QUEUE:-}" - -# Airflow database configuration -export AIRFLOW_DATABASE_HOST="${AIRFLOW_DATABASE_HOST:-postgresql}" -export AIRFLOW_DATABASE_PORT_NUMBER="${AIRFLOW_DATABASE_PORT_NUMBER:-5432}" -export AIRFLOW_DATABASE_NAME="${AIRFLOW_DATABASE_NAME:-bitnami_airflow}" -export AIRFLOW_DATABASE_USERNAME="${AIRFLOW_DATABASE_USERNAME:-bn_airflow}" -export AIRFLOW_DATABASE_PASSWORD="${AIRFLOW_DATABASE_PASSWORD:-}" -export AIRFLOW_DATABASE_USE_SSL="${AIRFLOW_DATABASE_USE_SSL:-no}" -export AIRFLOW_REDIS_USE_SSL="${AIRFLOW_REDIS_USE_SSL:-no}" -export REDIS_HOST="${REDIS_HOST:-redis}" -export REDIS_PORT_NUMBER="${REDIS_PORT_NUMBER:-6379}" -export REDIS_USER="${REDIS_USER:-}" -export REDIS_PASSWORD="${REDIS_PASSWORD:-}" -export REDIS_DATABASE="${REDIS_DATABASE:-1}" - -# Custom environment variables may be defined below diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/entrypoint.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/entrypoint.sh deleted file mode 100755 index 37b8a7e31e5b..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/entrypoint.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-worker-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libairflowworker.sh - -print_welcome_page - -if ! am_i_root && [[ -e "$LIBNSS_WRAPPER_PATH" ]]; then - info "Enabling non-root system user with nss_wrapper" - echo "airflow:x:$(id -u):$(id -g):Airflow:$AIRFLOW_HOME:/bin/false" > "$NSS_WRAPPER_PASSWD" - echo "airflow:x:$(id -g):" > "$NSS_WRAPPER_GROUP" - - export LD_PRELOAD="$LIBNSS_WRAPPER_PATH" - export HOME="$AIRFLOW_HOME" -fi - -# Install custom python package if requirements.txt is present -if [[ -f "/bitnami/python/requirements.txt" ]]; then - . /opt/bitnami/airflow/venv/bin/activate - pip install -r /bitnami/python/requirements.txt - deactivate -fi - -if [[ "$*" = *"/opt/bitnami/scripts/airflow-worker/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Airflow setup **" - /opt/bitnami/scripts/airflow-worker/setup.sh - info "** Airflow setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/postunpack.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/postunpack.sh deleted file mode 100755 index aa1fbfa7dac7..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/postunpack.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-worker-env.sh - -# Load libraries -. /opt/bitnami/scripts/libairflowworker.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -ensure_dir_exists "$AIRFLOW_BASE_DIR" -# Ensure the needed directories exist with write permissions -for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -g "root" -done - -chmod -R g+rwX "$AIRFLOW_BASE_DIR" diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/run.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/run.sh deleted file mode 100755 index 9c030fbb0c59..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/run.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-worker-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libairflowworker.sh - -EXEC="${AIRFLOW_BIN_DIR}/airflow" -args=("celery" "worker") -if [[ -n "$AIRFLOW_QUEUE" ]]; then - args+=("-q" "$AIRFLOW_QUEUE") -fi -args+=("--pid" "$AIRFLOW_PID_FILE" "$@") - -info "** Starting Airflow **" -if am_i_root; then - exec_as_user "$AIRFLOW_DAEMON_USER" "$EXEC" "${args[@]}" -else - exec "$EXEC" "${args[@]}" -fi diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/setup.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/setup.sh deleted file mode 100755 index 2d14c90d2e2f..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/airflow-worker/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-worker-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libairflowworker.sh - -# Ensure Airflow environment variables settings are valid -airflow_worker_validate -# Ensure Airflow daemon user exists when running as root -am_i_root && ensure_user_exists "$AIRFLOW_DAEMON_USER" --group "$AIRFLOW_DAEMON_GROUP" -# Ensure Airflow is initialized -airflow_worker_initialize diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh deleted file mode 100644 index b21d4cb26ed7..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh +++ /dev/null @@ -1,552 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Bitnami Airflow library - -# shellcheck disable=SC1091,SC2153 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then - . /opt/bitnami/scripts/libpostgresqlclient.sh -elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then - . /opt/bitnami/scripts/libpostgresql.sh -fi - -# Functions - -######################## -# Validate Airflow inputs -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -airflow_validate() { - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Check postgresql host - [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST" - - # Check LDAP parameters - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - [[ -z "$AIRFLOW_LDAP_URI" ]] && print_validation_error "Missing AIRFLOW_LDAP_URI" - [[ -z "$AIRFLOW_LDAP_SEARCH" ]] && print_validation_error "Missing AIRFLOW_LDAP_SEARCH" - [[ -z "$AIRFLOW_LDAP_UID_FIELD" ]] && print_validation_error "Missing AIRFLOW_LDAP_UID_FIELD" - [[ -z "$AIRFLOW_LDAP_BIND_USER" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_USER" - [[ -z "$AIRFLOW_LDAP_BIND_PASSWORD" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_PASSWORD" - [[ -z "$AIRFLOW_LDAP_ROLES_MAPPING" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_MAPPING" - [[ -z "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION_ROLE" - - # Chack boolean env vars contain valid values - for var in "AIRFLOW_LDAP_USER_REGISTRATION" "AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" "AIRFLOW_LDAP_USE_TLS"; do - check_multi_value "$var" "True False" - done - - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - [[ -z "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" ]] && print_validation_error "Missing AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - [[ -z "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" ]] && print_validation_error "Missing AIRFLOW_LDAP_TLS_CA_CERTIFICATE" - fi - - fi - - # Check pool parameters - if [[ -n "$AIRFLOW_POOL_NAME" ]]; then - [[ -z "$AIRFLOW_POOL_DESC" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_DESC" - [[ -z "$AIRFLOW_POOL_SIZE" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_SIZE" - fi - - # Check cryptography parameters - if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then - local fernet_char_count - fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")" - if [[ "$fernet_char_count" -lt 32 ]]; then - print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters" - elif [[ "$fernet_char_count" -gt 32 ]]; then - warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored" - fi - AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)" - fi - - return "$error_code" -} - -######################## -# Ensure Airflow is initialized -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_initialize() { - info "Initializing Airflow ..." - - # Change permissions if running as root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # The configuration file is not persisted. If it is not provided, generate it based on env vars - if [[ ! -f "$AIRFLOW_CONF_FILE" ]]; then - info "No injected configuration file found. Creating default config file" - airflow_generate_config - else - info "Configuration file found, loading configuration" - fi - - info "Trying to connect to the database server" - airflow_wait_for_postgresql_connection - # Check if the Airflow database has been already initialized - if ! airflow_execute db check-migrations; then - # Delete pid file - rm -f "$AIRFLOW_PID_FILE" - - # Initialize database - info "Populating database" - airflow_execute db init - - airflow_create_admin_user - airflow_create_pool - else - # Upgrade database - info "Upgrading database schema" - airflow_execute db upgrade - true # Avoid return false when I am not root - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments and print result to stdout/stderr -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute_print_output() { - # Run as web server user to avoid having to change permissions/ownership afterwards - if am_i_root; then - run_as_user "$AIRFLOW_DAEMON_USER" airflow "$@" - else - airflow "$@" - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute() { - debug_execute airflow_execute_print_output "$@" -} - -######################## -# Generate Airflow conf file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_generate_config() { - # Create Airflow confirguration from default files - [[ ! -f "$AIRFLOW_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_airflow.cfg)" "$AIRFLOW_CONF_FILE" - [[ -n "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && [[ ! -f "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_webserver_config.py)" "$AIRFLOW_WEBSERVER_CONF_FILE" - - # Setup Airflow base URL - airflow_configure_base_url - # Configure Airflow Hostname - [[ -n "$AIRFLOW_HOSTNAME_CALLABLE" ]] && airflow_conf_set "core" "hostname_callable" "$AIRFLOW_HOSTNAME_CALLABLE" - # Configure Airflow webserver authentication - airflow_configure_webserver_authentication - # Configure Airflow to load examples - if is_boolean_yes "$AIRFLOW_LOAD_EXAMPLES"; then - airflow_conf_set "core" "load_examples" "True" - else - airflow_conf_set "core" "load_examples" "False" - fi - # Configure Airflow database - airflow_configure_database - - # Configure the Webserver port - airflow_conf_set "webserver" "web_server_port" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - - # Setup the secret keys for database connection and flask application (fernet key and secret key) - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#fernet-key - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key - [[ -n "$AIRFLOW_FERNET_KEY" ]] && airflow_conf_set "core" "fernet_key" "$AIRFLOW_FERNET_KEY" - [[ -n "$AIRFLOW_SECRET_KEY" ]] && airflow_conf_set "webserver" "secret_key" "$AIRFLOW_SECRET_KEY" - - # Configure Airflow executor - airflow_conf_set "core" "executor" "$AIRFLOW_EXECUTOR" - [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]] && airflow_configure_celery_executor - true # Avoid the function to fail due to the check above -} - -######################## -# Set property on the Airflow configuration file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_conf_set() { - local -r section="${1:?section is required}" - local -r key="${2:?key is required}" - local -r value="${3:?value is required}" - local -r file="${4:-${AIRFLOW_CONF_FILE}}" - - ini-file set --section "$section" --key "$key" --value "$value" "$file" -} - -######################## -# Configure Airflow base url -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_base_url() { - if [[ -z "$AIRFLOW_BASE_URL" ]]; then - airflow_conf_set "webserver" "base_url" "http://${AIRFLOW_WEBSERVER_HOST}:${AIRFLOW_WEBSERVER_PORT_NUMBER}" - else - airflow_conf_set "webserver" "base_url" "$AIRFLOW_BASE_URL" - fi -} - -######################## -# Configure Airflow webserver authentication -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_webserver_authentication() { - info "Configuring Airflow webserver authentication" - airflow_conf_set "webserver" "rbac" "true" - - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - info "Enabling LDAP authentication" - # Based on PR https://github.com/apache/airflow/pull/16647 - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "# from airflow.www.fab_security.manager import AUTH_LDAP" "from airflow.www.fab_security.manager import AUTH_LDAP" - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "from airflow.www.fab_security.manager import AUTH_DB" "# from airflow.www.fab_security.manager import AUTH_DB" - - # webserver config - airflow_webserver_conf_set "AUTH_TYPE" "AUTH_LDAP" - airflow_webserver_conf_set "AUTH_LDAP_SERVER" "$AIRFLOW_LDAP_URI" "yes" - - # searches - airflow_webserver_conf_set "AUTH_LDAP_SEARCH" "$AIRFLOW_LDAP_SEARCH" "yes" - airflow_webserver_conf_set "AUTH_LDAP_UID_FIELD" "$AIRFLOW_LDAP_UID_FIELD" "yes" - - # Special account for searches - airflow_webserver_conf_set "AUTH_LDAP_BIND_USER" "$AIRFLOW_LDAP_BIND_USER" "yes" - airflow_webserver_conf_set "AUTH_LDAP_BIND_PASSWORD" "$AIRFLOW_LDAP_BIND_PASSWORD" "yes" - - # User self registration - airflow_webserver_conf_set "AUTH_USER_REGISTRATION" "$AIRFLOW_LDAP_USER_REGISTRATION" - airflow_webserver_conf_set "AUTH_USER_REGISTRATION_ROLE" "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" "yes" - - # Mapping from LDAP DN to list of FAB roles - airflow_webserver_conf_set "AUTH_ROLES_MAPPING" "$AIRFLOW_LDAP_ROLES_MAPPING" - - # Replace user's roles at login - airflow_webserver_conf_set "AUTH_ROLES_SYNC_AT_LOGIN" "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - - # Allowing/Denying of self signed certs for StartTLS OR SSL ldaps:// connections - airflow_webserver_conf_set "AUTH_LDAP_ALLOW_SELF_SIGNED" "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - - # If StartTLS supply cert - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - airflow_webserver_conf_set "AUTH_LDAP_TLS_CACERTFILE" "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" "yes" - fi - fi -} - -######################## -# Set properties in Airflow's webserver_config.py -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_webserver_conf_set() { - local -r key="${1:?missing key}" - local -r value="${2:?missing key}" - local -r is_literal="${3:-no}" - shift 2 - - local -r file="$AIRFLOW_WEBSERVER_CONF_FILE" - # Check if the value was set before - if grep -q "^#*\\s*${key} =.*$" "$file"; then - local entry - is_boolean_yes "$is_literal" && entry="${key} = '${value}'" || entry="${key} = ${value}" - # Update the existing key - replace_in_file "$file" "^#*\\s*${key} =.*$" "$entry" false - else - # Add a new key - local new_value="$value" - is_boolean_yes "$is_literal" && new_value="'${value}'" - printf '\n%s = %s' "$key" "$new_value" >>"$file" - fi -} - -######################## -# Configure Airflow database -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_database() { - local -r user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && extra_options="?sslmode=require" - - info "Configuring Airflow database" - airflow_conf_set "database" "sql_alchemy_conn" "postgresql+psycopg2://${user}:${password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${extra_options:-}" -} - -######################## -# Return URL encoded string in the airflow conf format -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_encode_url() { - local -r url="${1?Missing url}" - - urlencode() { - old_lc_collate="${LC_COLLATE:-}" - LC_COLLATE=C - - local length="${#1}" - for ((i = 0; i < length; i++)); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE="$old_lc_collate" - } - - local -r url_encoded=$(urlencode "$url") - # Replace % by %% - echo "${url_encoded//\%/\%\%}" -} - -######################## -# Configure Airflow celery executor -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_celery_executor() { - info "Configuring Celery Executor" - - # Configure celery Redis url - local -r redis_user=$(airflow_encode_url "$REDIS_USER") - local -r redis_password=$(airflow_encode_url "$REDIS_PASSWORD") - airflow_conf_set "celery" "broker_url" "redis://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "broker_url" "rediss://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "redis_backend_use_ssl" "true" - - # Configure celery backend - local -r database_user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r database_password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local database_extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && database_extra_options="?sslmode=require" - airflow_conf_set "celery" "result_backend" "db+postgresql://${database_user}:${database_password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${database_extra_options:-}" -} - -######################## -# Wait until the database is accessible -# Globals: -# None -# Arguments: -# None -# Returns: -# true if the database connection succeeded, false otherwise -######################### -airflow_wait_for_postgresql_connection() { - if ! retry_while "airflow_execute db check"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Airflow create admin user -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_admin_user() { - info "Creating Airflow admin user" - airflow_execute users create -r "Admin" -u "$AIRFLOW_USERNAME" -e "$AIRFLOW_EMAIL" -p "$AIRFLOW_PASSWORD" -f "$AIRFLOW_FIRSTNAME" -l "$AIRFLOW_LASTNAME" -} - -######################## -# Airflow create pool -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_pool() { - if [[ -n "$AIRFLOW_POOL_NAME" ]] && [[ -n "$AIRFLOW_POOL_SIZE" ]] && [[ -n "$AIRFLOW_POOL_DESC" ]]; then - info "Creating Airflow pool" - airflow_execute pool -s "$AIRFLOW_POOL_NAME" "$AIRFLOW_POOL_SIZE" "$AIRFLOW_POOL_DESC" - fi -} - -######################## -# Check if Airflow is running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is running -######################## -is_airflow_running() { - local pid - pid="$(get_pid_from_file "$AIRFLOW_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Airflow is not running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is not running -######################## -is_airflow_not_running() { - ! is_airflow_running -} - -######################## -# Stop Airflow -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_stop() { - info "Stopping Airflow..." - stop_service_using_pid "$AIRFLOW_PID_FILE" -} - -######################## -# Check if airflow-exporter is running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is running -######################## -is_airflow_exporter_running() { - # airflow-exporter does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "airflow-prometheus-exporter" | head -n 1 > "$AIRFLOW_EXPORTER_PID_FILE" - - local pid - pid="$(get_pid_from_file "$AIRFLOW_EXPORTER_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if airflow-exporter is not running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is not running -######################## -is_airflow_exporter_not_running() { - ! is_airflow_exporter_running -} - -######################## -# Stop airflow-exporter -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_exporter_stop() { - info "Stopping airflow-exporter..." - stop_service_using_pid "$AIRFLOW_EXPORTER_PID_FILE" -} diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh deleted file mode 100644 index 9fbebedfe78d..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libairflowworker.sh +++ /dev/null @@ -1,154 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Bitnami Airflow library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -# Load airflow library -. /opt/bitnami/scripts/libairflow.sh - -######################## -# Validate Airflow Scheduler inputs -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_worker_validate() { - # Check postgresql host - [[ -z "$AIRFLOW_WEBSERVER_HOST" ]] && print_validation_error "Missing AIRFLOW_WEBSERVER_HOST" - [[ -z "$AIRFLOW_WEBSERVER_PORT_NUMBER" ]] && print_validation_error "Missing AIRFLOW_WEBSERVER_PORT_NUMBER" - # Check postgresql host - [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST" - - # Check cryptography parameters - if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then - local fernet_char_count - fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")" - if [[ "$fernet_char_count" -lt 32 ]]; then - print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters" - elif [[ "$fernet_char_count" -gt 32 ]]; then - warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored" - fi - AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)" - fi - - # Avoid fail because of the above check - true -} - -######################## -# Ensure Airflow Scheduler is initialized -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_worker_initialize() { - # Remove airflow-worker.pid file if exists to prevent error after WSL restarts - if [ -f "$AIRFLOW_PID_FILE" ]; then - rm "$AIRFLOW_PID_FILE" - fi - - # Change permissions if running as root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # The configuration file is not persisted. If it is not provided, generate it based on env vars - if [[ ! -f "$AIRFLOW_CONF_FILE" ]]; then - info "No injected configuration file found. Creating default config file" - airflow_worker_generate_config - else - info "Configuration file found, loading configuration" - fi - - info "Trying to connect to the database server" - airflow_wait_for_postgresql_connection - # Change the permissions after restoring the persisted data in case we are root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # Wait for airflow webserver to be available - info "Waiting for Airflow Webserver to be up" - airflow_worker_wait_for_webserver "$AIRFLOW_WEBSERVER_HOST" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - if [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]]; then - wait-for-port --host "$REDIS_HOST" "$REDIS_PORT_NUMBER" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Generate Airflow Scheduler conf file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_worker_generate_config() { - # Generate Airflow default files - debug_execute airflow version - - # Configure Airflow Hostname - [[ -n "$AIRFLOW_HOSTNAME_CALLABLE" ]] && airflow_conf_set "core" "hostname_callable" "$AIRFLOW_HOSTNAME_CALLABLE" - - # Configure Airflow database - airflow_configure_database - - # Configure the Webserver port - airflow_conf_set "webserver" "web_server_port" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - - # Setup the secret keys for database connection and flask application (fernet key and secret key) - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#fernet-key - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key - [[ -n "$AIRFLOW_FERNET_KEY" ]] && airflow_conf_set "core" "fernet_key" "$AIRFLOW_FERNET_KEY" - [[ -n "$AIRFLOW_SECRET_KEY" ]] && airflow_conf_set "webserver" "secret_key" "$AIRFLOW_SECRET_KEY" - - # Configure Airflow executor - airflow_conf_set "core" "executor" "$AIRFLOW_EXECUTOR" - [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]] && airflow_configure_celery_executor - true # Avoid the function to fail due to the check above -} - -######################## -# Wait Ariflow webserver -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_worker_wait_for_webserver() { - local -r webserver_host="${1:?missing database host}" - local -r webserver_port="${2:?missing database port}" - check_webserver_connection() { - wait-for-port --host "$webserver_host" "$webserver_port" - } - if ! retry_while "check_webserver_connection"; then - error "Could not connect to the Airflow webserver" - return 1 - fi -} diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh deleted file mode 100644 index 0c921ff1d2ef..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh +++ /dev/null @@ -1,424 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PostgreSQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in POSTGRESQL_CLIENT_* environment variables -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_validate() { - info "Validating settings in POSTGRESQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - # Only validate environment variables if any action needs to be performed - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - fi - # When enabling extensions, the DB name must be provided - local -a extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then - print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set." - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_initialize() { - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - info "Trying to connect to the database server" - check_postgresql_connection() { - echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - } - if ! retry_while "check_postgresql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then - info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}" - local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD") - postgresql_ensure_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ "${#database_names[@]}" -gt 0 ]]; then - local -a createdb_args extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - for database_name in "${database_names[@]}"; do - info "Creating database ${database_name}" - createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME") - postgresql_ensure_database_exists "${createdb_args[@]}" - # Ensure the list of extensions are enabled in the specified database - if [[ "${#extensions[@]}" -gt 0 ]]; then - for extension_to_create in "${extensions[@]}"; do - echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - done - fi - done - fi - # Execute a custom SQL script - if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then - info "Executing custom SQL script" - echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - # Avoid exit code of previous commands to affect the result of this function - true -} - -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC2148 - -######################## -# Return PostgreSQL major version -# Globals: -# POSTGRESQL_* -# Arguments: -# None -# Returns: -# String -######################### -postgresql_get_major_version() { - psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+" -} - -######################## -# Gets an environment variable name based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var_value() { - local env_var_suffix="${1:?missing suffix}" - local env_var_name - for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do - env_var_name="${env_var_prefix}_${env_var_suffix}" - if [[ -n "${!env_var_name:-}" ]]; then - echo "${!env_var_name}" - break - fi - done -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service and print the output -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-postgres}" - local -r pass="${3:-}" - local opts - read -r -a opts <<<"${@:4}" - - local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}") - [[ -n "$db" ]] && args+=("-d" "$db") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - - # Execute the Query/queries from stdin - PGPASSWORD=$pass psql "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" 2>/dev/null - else - "postgresql_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute_print_output() { - local -r hostname="${1:?hostname is required}" - local -r port="${2:?port is required}" - local -a args=("-h" "$hostname" "-p" "$port") - shift 2 - "postgresql_execute_print_output" "$@" "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" 2>/dev/null - else - "postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Optionally create the given database user -# Flags: -# -p|--password - database password -# --host - database host -# --port - database port -# Arguments: -# $1 - user -# Returns: -# None -######################### -postgresql_ensure_user_exists() { - local -r user="${1:?user is missing}" - local password="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p | --password) - shift - password="${1:?missing password}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh deleted file mode 100644 index ddd1f09d06fd..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for postgresql-client - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-postgresql-client}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -postgresql_client_env_vars=( - ALLOW_EMPTY_PASSWORD - POSTGRESQL_CLIENT_DATABASE_HOST - POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER - POSTGRESQL_CLIENT_POSTGRES_USER - POSTGRESQL_CLIENT_POSTGRES_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES - POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME - POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS - POSTGRESQL_CLIENT_EXECUTE_SQL - POSTGRESQL_HOST - POSTGRESQL_PORT_NUMBER - POSTGRESQL_CLIENT_ROOT_USER - POSTGRESQL_POSTGRES_USER - POSTGRESQL_ROOT_USER - POSTGRESQL_CLIENT_ROOT_PASSWORD - POSTGRESQL_POSTGRES_PASSWORD - POSTGRESQL_ROOT_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAME - POSTGRESQL_CLIENT_CREATE_DATABASE_USER -) -for env_var in "${postgresql_client_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset postgresql_client_env_vars - -# Paths -export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql" -export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin" -export PATH="${POSTGRESQL_BIN_DIR}:${PATH}" - -# PostgreSQL settings -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}" -export POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-postgresql}" -POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}" -export POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-5432}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_CLIENT_ROOT_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_POSTGRES_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_ROOT_USER:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-postgres}" # only used during the first initialization -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_CLIENT_ROOT_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_POSTGRES_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_ROOT_PASSWORD:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_NAME:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_USER:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD="${POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS="${POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_EXECUTE_SQL="${POSTGRESQL_CLIENT_EXECUTE_SQL:-}" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh b/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh deleted file mode 100755 index ff786a6f712b..000000000000 --- a/bitnami/airflow-worker/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libpostgresqlclient.sh - -# Load PostgreSQL Client environment variables -. /opt/bitnami/scripts/postgresql-client-env.sh - -# Ensure PostgreSQL Client environment variables settings are valid -postgresql_client_validate -# Ensure PostgreSQL Client is initialized -postgresql_client_initialize diff --git a/bitnami/airflow-worker/2/debian-11/tags-info.yaml b/bitnami/airflow-worker/2/debian-11/tags-info.yaml deleted file mode 100644 index bd9d3572b884..000000000000 --- a/bitnami/airflow-worker/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.8.1 -- latest diff --git a/bitnami/airflow/2/debian-11/Dockerfile b/bitnami/airflow/2/debian-11/Dockerfile deleted file mode 100644 index a28f805a9ab3..000000000000 --- a/bitnami/airflow/2/debian-11/Dockerfile +++ /dev/null @@ -1,74 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:03:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.8.1-debian-11-r31" \ - org.opencontainers.image.title="airflow" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.8.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git krb5-user libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libedit2 libffi7 libgcc-s1 libgmp10 libgnutls30 libgss-dev libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5-dev libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libmariadb3 libmd0 libncursesw6 libnettle8 libnsl2 libp11-kit0 libreadline8 libsasl2-2 libsasl2-modules libsqlite3-0 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 locales netbase procps tzdata zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "postgresql-client-16.2.0-0-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "airflow-2.8.1-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN mkdir /.local && chmod g+rwX /.local - -COPY rootfs / -RUN /opt/bitnami/scripts/airflow/postunpack.sh -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -ENV AIRFLOW_HOME="/opt/bitnami/airflow" \ - APP_VERSION="2.8.1" \ - BITNAMI_APP_NAME="airflow" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - LD_LIBRARY_PATH="/opt/bitnami/airflow/venv/lib/python3.8/site-packages/numpy.libs:/opt/bitnami/python/lib:$LD_LIBRARY_PATH" \ - LIBNSS_WRAPPER_PATH="/opt/bitnami/common/lib/libnss_wrapper.so" \ - LNAME="airflow" \ - NSS_WRAPPER_GROUP="/opt/bitnami/airflow/nss_group" \ - NSS_WRAPPER_PASSWD="/opt/bitnami/airflow/nss_passwd" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/python/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/airflow/venv/bin:$PATH" - -EXPOSE 8080 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/airflow/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/airflow/run.sh" ] diff --git a/bitnami/airflow/2/debian-11/docker-compose.yml b/bitnami/airflow/2/debian-11/docker-compose.yml deleted file mode 100644 index 43e73e7650f1..000000000000 --- a/bitnami/airflow/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - postgresql: - image: docker.io/bitnami/postgresql:16 - volumes: - - 'postgresql_data:/bitnami/postgresql' - environment: - - POSTGRESQL_DATABASE=bitnami_airflow - - POSTGRESQL_USERNAME=bn_airflow - - POSTGRESQL_PASSWORD=bitnami1 - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - redis: - image: docker.io/bitnami/redis:7.0 - volumes: - - 'redis_data:/bitnami' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - airflow-scheduler: - image: docker.io/bitnami/airflow-scheduler:2 - environment: - - AIRFLOW_DATABASE_NAME=bitnami_airflow - - AIRFLOW_DATABASE_USERNAME=bn_airflow - - AIRFLOW_DATABASE_PASSWORD=bitnami1 - - AIRFLOW_EXECUTOR=CeleryExecutor - - AIRFLOW_WEBSERVER_HOST=airflow - airflow-worker: - image: docker.io/bitnami/airflow-worker:2 - environment: - - AIRFLOW_DATABASE_NAME=bitnami_airflow - - AIRFLOW_DATABASE_USERNAME=bn_airflow - - AIRFLOW_DATABASE_PASSWORD=bitnami1 - - AIRFLOW_EXECUTOR=CeleryExecutor - - AIRFLOW_WEBSERVER_HOST=airflow - airflow: - image: docker.io/bitnami/airflow:2 - environment: - - AIRFLOW_DATABASE_NAME=bitnami_airflow - - AIRFLOW_DATABASE_USERNAME=bn_airflow - - AIRFLOW_DATABASE_PASSWORD=bitnami1 - - AIRFLOW_EXECUTOR=CeleryExecutor - ports: - - '8080:8080' -volumes: - postgresql_data: - driver: local - redis_data: - driver: local diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 592591cd955d..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "airflow": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.8.1-3" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "postgresql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.2.0-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/airflow/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow-env.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow-env.sh deleted file mode 100644 index 87fca9db6096..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow-env.sh +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for airflow - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-airflow}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -airflow_env_vars=( - AIRFLOW_USERNAME - AIRFLOW_PASSWORD - AIRFLOW_FIRSTNAME - AIRFLOW_LASTNAME - AIRFLOW_EMAIL - AIRFLOW_EXECUTOR - AIRFLOW_RAW_FERNET_KEY - AIRFLOW_FERNET_KEY - AIRFLOW_SECRET_KEY - AIRFLOW_WEBSERVER_HOST - AIRFLOW_WEBSERVER_PORT_NUMBER - AIRFLOW_LOAD_EXAMPLES - AIRFLOW_BASE_URL - AIRFLOW_HOSTNAME_CALLABLE - AIRFLOW_POOL_NAME - AIRFLOW_POOL_SIZE - AIRFLOW_POOL_DESC - AIRFLOW_DATABASE_HOST - AIRFLOW_DATABASE_PORT_NUMBER - AIRFLOW_DATABASE_NAME - AIRFLOW_DATABASE_USERNAME - AIRFLOW_DATABASE_PASSWORD - AIRFLOW_DATABASE_USE_SSL - AIRFLOW_REDIS_USE_SSL - REDIS_HOST - REDIS_PORT_NUMBER - REDIS_USER - REDIS_PASSWORD - REDIS_DATABASE - AIRFLOW_LDAP_ENABLE - AIRFLOW_LDAP_URI - AIRFLOW_LDAP_SEARCH - AIRFLOW_LDAP_UID_FIELD - AIRFLOW_LDAP_BIND_USER - AIRFLOW_LDAP_BIND_PASSWORD - AIRFLOW_LDAP_USER_REGISTRATION - AIRFLOW_LDAP_USER_REGISTRATION_ROLE - AIRFLOW_LDAP_ROLES_MAPPING - AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN - AIRFLOW_LDAP_USE_TLS - AIRFLOW_LDAP_ALLOW_SELF_SIGNED - AIRFLOW_LDAP_TLS_CA_CERTIFICATE -) -for env_var in "${airflow_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset airflow_env_vars - -# Airflow paths -export AIRFLOW_BASE_DIR="${BITNAMI_ROOT_DIR}/airflow" -export AIRFLOW_HOME="${AIRFLOW_BASE_DIR}" -export AIRFLOW_BIN_DIR="${AIRFLOW_BASE_DIR}/venv/bin" -export AIRFLOW_LOGS_DIR="${AIRFLOW_BASE_DIR}/logs" -export AIRFLOW_SCHEDULER_LOGS_DIR="${AIRFLOW_LOGS_DIR}/scheduler" -export AIRFLOW_LOG_FILE="${AIRFLOW_LOGS_DIR}/airflow-webserver.log" -export AIRFLOW_CONF_FILE="${AIRFLOW_BASE_DIR}/airflow.cfg" -export AIRFLOW_WEBSERVER_CONF_FILE="${AIRFLOW_BASE_DIR}/webserver_config.py" -export AIRFLOW_TMP_DIR="${AIRFLOW_BASE_DIR}/tmp" -export AIRFLOW_PID_FILE="${AIRFLOW_TMP_DIR}/airflow-webserver.pid" -export AIRFLOW_DAGS_DIR="${AIRFLOW_BASE_DIR}/dags" -export PATH="${AIRFLOW_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export AIRFLOW_DAEMON_USER="airflow" -export AIRFLOW_DAEMON_GROUP="airflow" - -# User configuration -export AIRFLOW_USERNAME="${AIRFLOW_USERNAME:-user}" -export AIRFLOW_PASSWORD="${AIRFLOW_PASSWORD:-bitnami}" -export AIRFLOW_FIRSTNAME="${AIRFLOW_FIRSTNAME:-Firstname}" -export AIRFLOW_LASTNAME="${AIRFLOW_LASTNAME:-Lastname}" -export AIRFLOW_EMAIL="${AIRFLOW_EMAIL:-user@example.com}" - -# Airflow configuration -export AIRFLOW_EXECUTOR="${AIRFLOW_EXECUTOR:-SequentialExecutor}" -export AIRFLOW_RAW_FERNET_KEY="${AIRFLOW_RAW_FERNET_KEY:-}" -export AIRFLOW_FERNET_KEY="${AIRFLOW_FERNET_KEY:-}" -export AIRFLOW_SECRET_KEY="${AIRFLOW_SECRET_KEY:-}" -export AIRFLOW_WEBSERVER_HOST="${AIRFLOW_WEBSERVER_HOST:-127.0.0.1}" -export AIRFLOW_WEBSERVER_PORT_NUMBER="${AIRFLOW_WEBSERVER_PORT_NUMBER:-8080}" -export AIRFLOW_LOAD_EXAMPLES="${AIRFLOW_LOAD_EXAMPLES:-yes}" -export AIRFLOW_BASE_URL="${AIRFLOW_BASE_URL:-}" -export AIRFLOW_HOSTNAME_CALLABLE="${AIRFLOW_HOSTNAME_CALLABLE:-}" -export AIRFLOW_POOL_NAME="${AIRFLOW_POOL_NAME:-}" -export AIRFLOW_POOL_SIZE="${AIRFLOW_POOL_SIZE:-}" -export AIRFLOW_POOL_DESC="${AIRFLOW_POOL_DESC:-}" - -# Airflow database configuration -export AIRFLOW_DATABASE_HOST="${AIRFLOW_DATABASE_HOST:-postgresql}" -export AIRFLOW_DATABASE_PORT_NUMBER="${AIRFLOW_DATABASE_PORT_NUMBER:-5432}" -export AIRFLOW_DATABASE_NAME="${AIRFLOW_DATABASE_NAME:-bitnami_airflow}" -export AIRFLOW_DATABASE_USERNAME="${AIRFLOW_DATABASE_USERNAME:-bn_airflow}" -export AIRFLOW_DATABASE_PASSWORD="${AIRFLOW_DATABASE_PASSWORD:-}" -export AIRFLOW_DATABASE_USE_SSL="${AIRFLOW_DATABASE_USE_SSL:-no}" -export AIRFLOW_REDIS_USE_SSL="${AIRFLOW_REDIS_USE_SSL:-no}" -export REDIS_HOST="${REDIS_HOST:-redis}" -export REDIS_PORT_NUMBER="${REDIS_PORT_NUMBER:-6379}" -export REDIS_USER="${REDIS_USER:-}" -export REDIS_PASSWORD="${REDIS_PASSWORD:-}" -export REDIS_DATABASE="${REDIS_DATABASE:-1}" - -# Airflow LDAP configuration -export AIRFLOW_LDAP_ENABLE="${AIRFLOW_LDAP_ENABLE:-no}" -export AIRFLOW_LDAP_URI="${AIRFLOW_LDAP_URI:-}" -export AIRFLOW_LDAP_SEARCH="${AIRFLOW_LDAP_SEARCH:-}" -export AIRFLOW_LDAP_UID_FIELD="${AIRFLOW_LDAP_UID_FIELD:-}" -export AIRFLOW_LDAP_BIND_USER="${AIRFLOW_LDAP_BIND_USER:-}" -export AIRFLOW_LDAP_BIND_PASSWORD="${AIRFLOW_LDAP_BIND_PASSWORD:-}" -export AIRFLOW_LDAP_USER_REGISTRATION="${AIRFLOW_LDAP_USER_REGISTRATION:-True}" -export AIRFLOW_LDAP_USER_REGISTRATION_ROLE="${AIRFLOW_LDAP_USER_REGISTRATION_ROLE:-}" -export AIRFLOW_LDAP_ROLES_MAPPING="${AIRFLOW_LDAP_ROLES_MAPPING:-}" -export AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN="${AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN:-True}" -export AIRFLOW_LDAP_USE_TLS="${AIRFLOW_LDAP_USE_TLS:-False}" -export AIRFLOW_LDAP_ALLOW_SELF_SIGNED="${AIRFLOW_LDAP_ALLOW_SELF_SIGNED:-True}" -export AIRFLOW_LDAP_TLS_CA_CERTIFICATE="${AIRFLOW_LDAP_TLS_CA_CERTIFICATE:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/entrypoint.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/entrypoint.sh deleted file mode 100755 index 807f693453e8..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/entrypoint.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libairflow.sh - -print_welcome_page - -if ! am_i_root && [[ -e "$LIBNSS_WRAPPER_PATH" ]]; then - info "Enabling non-root system user with nss_wrapper" - echo "airflow:x:$(id -u):$(id -g):Airflow:$AIRFLOW_HOME:/bin/false" > "$NSS_WRAPPER_PASSWD" - echo "airflow:x:$(id -g):" > "$NSS_WRAPPER_GROUP" - - export LD_PRELOAD="$LIBNSS_WRAPPER_PATH" - export HOME="$AIRFLOW_HOME" -fi - -# Install custom python package if requirements.txt is present -if [[ -f "/bitnami/python/requirements.txt" ]]; then - . /opt/bitnami/airflow/venv/bin/activate - pip install -r /bitnami/python/requirements.txt - deactivate -fi - -if [[ "$*" = *"/opt/bitnami/scripts/airflow/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Airflow setup **" - /opt/bitnami/scripts/postgresql-client/setup.sh - /opt/bitnami/scripts/airflow/setup.sh - info "** Airflow setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/postunpack.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/postunpack.sh deleted file mode 100755 index 4dde981a7cde..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/postunpack.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091,SC1090 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-env.sh - -# Load libraries -. /opt/bitnami/scripts/libairflow.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -ensure_dir_exists "$AIRFLOW_BASE_DIR" -# Ensure the needed directories exist with write permissions -for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_SCHEDULER_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -g "root" -done - -chmod -R g+rwX "$AIRFLOW_BASE_DIR" diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/run.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/run.sh deleted file mode 100755 index 28cbc8f16b36..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libairflow.sh - -args=("--pid" "$AIRFLOW_PID_FILE" "$@") - -info "** Starting Airflow **" -if am_i_root; then - exec_as_user "$AIRFLOW_DAEMON_USER" "${AIRFLOW_BIN_DIR}/airflow" "webserver" "${args[@]}" -else - exec "${AIRFLOW_BIN_DIR}/airflow" "webserver" "${args[@]}" -fi diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/setup.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/setup.sh deleted file mode 100755 index 35d38e1ccde1..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/airflow/setup.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Airflow environment variables -. /opt/bitnami/scripts/airflow-env.sh - -# Load PostgreSQL Client environment for 'postgresql_remote_execute' (after 'airflow-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/postgresql-client-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-client-env.sh -elif [[ -f /opt/bitnami/scripts/postgresql-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libairflow.sh - -# Ensure Airflow environment variables settings are valid -airflow_validate -# Ensure Airflow daemon user exists when running as root -am_i_root && ensure_user_exists "$AIRFLOW_DAEMON_USER" --group "$AIRFLOW_DAEMON_GROUP" -# Ensure Airflow is initialized -airflow_initialize diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh deleted file mode 100644 index b21d4cb26ed7..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libairflow.sh +++ /dev/null @@ -1,552 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Bitnami Airflow library - -# shellcheck disable=SC1091,SC2153 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then - . /opt/bitnami/scripts/libpostgresqlclient.sh -elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then - . /opt/bitnami/scripts/libpostgresql.sh -fi - -# Functions - -######################## -# Validate Airflow inputs -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -airflow_validate() { - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Check postgresql host - [[ -z "$AIRFLOW_DATABASE_HOST" ]] && print_validation_error "Missing AIRFLOW_DATABASE_HOST" - - # Check LDAP parameters - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - [[ -z "$AIRFLOW_LDAP_URI" ]] && print_validation_error "Missing AIRFLOW_LDAP_URI" - [[ -z "$AIRFLOW_LDAP_SEARCH" ]] && print_validation_error "Missing AIRFLOW_LDAP_SEARCH" - [[ -z "$AIRFLOW_LDAP_UID_FIELD" ]] && print_validation_error "Missing AIRFLOW_LDAP_UID_FIELD" - [[ -z "$AIRFLOW_LDAP_BIND_USER" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_USER" - [[ -z "$AIRFLOW_LDAP_BIND_PASSWORD" ]] && print_validation_error "Missing AIRFLOW_LDAP_BIND_PASSWORD" - [[ -z "$AIRFLOW_LDAP_ROLES_MAPPING" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_MAPPING" - [[ -z "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" ]] && print_validation_error "Missing AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION" - [[ -z "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" ]] && print_validation_error "Missing AIRFLOW_LDAP_USER_REGISTRATION_ROLE" - - # Chack boolean env vars contain valid values - for var in "AIRFLOW_LDAP_USER_REGISTRATION" "AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" "AIRFLOW_LDAP_USE_TLS"; do - check_multi_value "$var" "True False" - done - - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - [[ -z "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" ]] && print_validation_error "Missing AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - [[ -z "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" ]] && print_validation_error "Missing AIRFLOW_LDAP_TLS_CA_CERTIFICATE" - fi - - fi - - # Check pool parameters - if [[ -n "$AIRFLOW_POOL_NAME" ]]; then - [[ -z "$AIRFLOW_POOL_DESC" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_DESC" - [[ -z "$AIRFLOW_POOL_SIZE" ]] && print_validation_error "Provided AIRFLOW_POOL_NAME but missing AIRFLOW_POOL_SIZE" - fi - - # Check cryptography parameters - if [[ -n "$AIRFLOW_RAW_FERNET_KEY" && -z "$AIRFLOW_FERNET_KEY" ]]; then - local fernet_char_count - fernet_char_count="$(echo -n "$AIRFLOW_RAW_FERNET_KEY")" - if [[ "$fernet_char_count" -lt 32 ]]; then - print_validation_error "AIRFLOW_RAW_FERNET_KEY must have at least 32 characters" - elif [[ "$fernet_char_count" -gt 32 ]]; then - warn "AIRFLOW_RAW_FERNET_KEY has more than 32 characters, the rest will be ignored" - fi - AIRFLOW_FERNET_KEY="$(echo -n "${AIRFLOW_RAW_FERNET_KEY:0:32}" | base64)" - fi - - return "$error_code" -} - -######################## -# Ensure Airflow is initialized -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_initialize() { - info "Initializing Airflow ..." - - # Change permissions if running as root - for dir in "$AIRFLOW_TMP_DIR" "$AIRFLOW_LOGS_DIR" "$AIRFLOW_DAGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown "$AIRFLOW_DAEMON_USER:$AIRFLOW_DAEMON_GROUP" "$dir" - done - - # The configuration file is not persisted. If it is not provided, generate it based on env vars - if [[ ! -f "$AIRFLOW_CONF_FILE" ]]; then - info "No injected configuration file found. Creating default config file" - airflow_generate_config - else - info "Configuration file found, loading configuration" - fi - - info "Trying to connect to the database server" - airflow_wait_for_postgresql_connection - # Check if the Airflow database has been already initialized - if ! airflow_execute db check-migrations; then - # Delete pid file - rm -f "$AIRFLOW_PID_FILE" - - # Initialize database - info "Populating database" - airflow_execute db init - - airflow_create_admin_user - airflow_create_pool - else - # Upgrade database - info "Upgrading database schema" - airflow_execute db upgrade - true # Avoid return false when I am not root - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments and print result to stdout/stderr -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute_print_output() { - # Run as web server user to avoid having to change permissions/ownership afterwards - if am_i_root; then - run_as_user "$AIRFLOW_DAEMON_USER" airflow "$@" - else - airflow "$@" - fi -} - -######################## -# Executes the 'airflow' CLI with the specified arguments -# Globals: -# AIRFLOW_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -airflow_execute() { - debug_execute airflow_execute_print_output "$@" -} - -######################## -# Generate Airflow conf file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_generate_config() { - # Create Airflow confirguration from default files - [[ ! -f "$AIRFLOW_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_airflow.cfg)" "$AIRFLOW_CONF_FILE" - [[ -n "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && [[ ! -f "$AIRFLOW_WEBSERVER_CONF_FILE" ]] && cp "$(find "$AIRFLOW_BASE_DIR" -name default_webserver_config.py)" "$AIRFLOW_WEBSERVER_CONF_FILE" - - # Setup Airflow base URL - airflow_configure_base_url - # Configure Airflow Hostname - [[ -n "$AIRFLOW_HOSTNAME_CALLABLE" ]] && airflow_conf_set "core" "hostname_callable" "$AIRFLOW_HOSTNAME_CALLABLE" - # Configure Airflow webserver authentication - airflow_configure_webserver_authentication - # Configure Airflow to load examples - if is_boolean_yes "$AIRFLOW_LOAD_EXAMPLES"; then - airflow_conf_set "core" "load_examples" "True" - else - airflow_conf_set "core" "load_examples" "False" - fi - # Configure Airflow database - airflow_configure_database - - # Configure the Webserver port - airflow_conf_set "webserver" "web_server_port" "$AIRFLOW_WEBSERVER_PORT_NUMBER" - - # Setup the secret keys for database connection and flask application (fernet key and secret key) - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#fernet-key - # ref: https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#secret-key - [[ -n "$AIRFLOW_FERNET_KEY" ]] && airflow_conf_set "core" "fernet_key" "$AIRFLOW_FERNET_KEY" - [[ -n "$AIRFLOW_SECRET_KEY" ]] && airflow_conf_set "webserver" "secret_key" "$AIRFLOW_SECRET_KEY" - - # Configure Airflow executor - airflow_conf_set "core" "executor" "$AIRFLOW_EXECUTOR" - [[ "$AIRFLOW_EXECUTOR" == "CeleryExecutor" || "$AIRFLOW_EXECUTOR" == "CeleryKubernetesExecutor" ]] && airflow_configure_celery_executor - true # Avoid the function to fail due to the check above -} - -######################## -# Set property on the Airflow configuration file -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_conf_set() { - local -r section="${1:?section is required}" - local -r key="${2:?key is required}" - local -r value="${3:?value is required}" - local -r file="${4:-${AIRFLOW_CONF_FILE}}" - - ini-file set --section "$section" --key "$key" --value "$value" "$file" -} - -######################## -# Configure Airflow base url -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_base_url() { - if [[ -z "$AIRFLOW_BASE_URL" ]]; then - airflow_conf_set "webserver" "base_url" "http://${AIRFLOW_WEBSERVER_HOST}:${AIRFLOW_WEBSERVER_PORT_NUMBER}" - else - airflow_conf_set "webserver" "base_url" "$AIRFLOW_BASE_URL" - fi -} - -######################## -# Configure Airflow webserver authentication -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_webserver_authentication() { - info "Configuring Airflow webserver authentication" - airflow_conf_set "webserver" "rbac" "true" - - if is_boolean_yes "$AIRFLOW_LDAP_ENABLE"; then - info "Enabling LDAP authentication" - # Based on PR https://github.com/apache/airflow/pull/16647 - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "# from airflow.www.fab_security.manager import AUTH_LDAP" "from airflow.www.fab_security.manager import AUTH_LDAP" - replace_in_file "$AIRFLOW_WEBSERVER_CONF_FILE" "from airflow.www.fab_security.manager import AUTH_DB" "# from airflow.www.fab_security.manager import AUTH_DB" - - # webserver config - airflow_webserver_conf_set "AUTH_TYPE" "AUTH_LDAP" - airflow_webserver_conf_set "AUTH_LDAP_SERVER" "$AIRFLOW_LDAP_URI" "yes" - - # searches - airflow_webserver_conf_set "AUTH_LDAP_SEARCH" "$AIRFLOW_LDAP_SEARCH" "yes" - airflow_webserver_conf_set "AUTH_LDAP_UID_FIELD" "$AIRFLOW_LDAP_UID_FIELD" "yes" - - # Special account for searches - airflow_webserver_conf_set "AUTH_LDAP_BIND_USER" "$AIRFLOW_LDAP_BIND_USER" "yes" - airflow_webserver_conf_set "AUTH_LDAP_BIND_PASSWORD" "$AIRFLOW_LDAP_BIND_PASSWORD" "yes" - - # User self registration - airflow_webserver_conf_set "AUTH_USER_REGISTRATION" "$AIRFLOW_LDAP_USER_REGISTRATION" - airflow_webserver_conf_set "AUTH_USER_REGISTRATION_ROLE" "$AIRFLOW_LDAP_USER_REGISTRATION_ROLE" "yes" - - # Mapping from LDAP DN to list of FAB roles - airflow_webserver_conf_set "AUTH_ROLES_MAPPING" "$AIRFLOW_LDAP_ROLES_MAPPING" - - # Replace user's roles at login - airflow_webserver_conf_set "AUTH_ROLES_SYNC_AT_LOGIN" "$AIRFLOW_LDAP_ROLES_SYNC_AT_LOGIN" - - # Allowing/Denying of self signed certs for StartTLS OR SSL ldaps:// connections - airflow_webserver_conf_set "AUTH_LDAP_ALLOW_SELF_SIGNED" "$AIRFLOW_LDAP_ALLOW_SELF_SIGNED" - - # If StartTLS supply cert - if [[ "$AIRFLOW_LDAP_USE_TLS" == "True" ]]; then - airflow_webserver_conf_set "AUTH_LDAP_TLS_CACERTFILE" "$AIRFLOW_LDAP_TLS_CA_CERTIFICATE" "yes" - fi - fi -} - -######################## -# Set properties in Airflow's webserver_config.py -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_webserver_conf_set() { - local -r key="${1:?missing key}" - local -r value="${2:?missing key}" - local -r is_literal="${3:-no}" - shift 2 - - local -r file="$AIRFLOW_WEBSERVER_CONF_FILE" - # Check if the value was set before - if grep -q "^#*\\s*${key} =.*$" "$file"; then - local entry - is_boolean_yes "$is_literal" && entry="${key} = '${value}'" || entry="${key} = ${value}" - # Update the existing key - replace_in_file "$file" "^#*\\s*${key} =.*$" "$entry" false - else - # Add a new key - local new_value="$value" - is_boolean_yes "$is_literal" && new_value="'${value}'" - printf '\n%s = %s' "$key" "$new_value" >>"$file" - fi -} - -######################## -# Configure Airflow database -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_database() { - local -r user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && extra_options="?sslmode=require" - - info "Configuring Airflow database" - airflow_conf_set "database" "sql_alchemy_conn" "postgresql+psycopg2://${user}:${password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${extra_options:-}" -} - -######################## -# Return URL encoded string in the airflow conf format -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_encode_url() { - local -r url="${1?Missing url}" - - urlencode() { - old_lc_collate="${LC_COLLATE:-}" - LC_COLLATE=C - - local length="${#1}" - for ((i = 0; i < length; i++)); do - local c="${1:$i:1}" - case $c in - [a-zA-Z0-9.~_-]) printf '%s' "$c" ;; - *) printf '%%%02X' "'$c" ;; - esac - done - - LC_COLLATE="$old_lc_collate" - } - - local -r url_encoded=$(urlencode "$url") - # Replace % by %% - echo "${url_encoded//\%/\%\%}" -} - -######################## -# Configure Airflow celery executor -# Globals: -# AIRFLOW_* -# Arguments: -# None -# Returns: -# None -######################### -airflow_configure_celery_executor() { - info "Configuring Celery Executor" - - # Configure celery Redis url - local -r redis_user=$(airflow_encode_url "$REDIS_USER") - local -r redis_password=$(airflow_encode_url "$REDIS_PASSWORD") - airflow_conf_set "celery" "broker_url" "redis://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "broker_url" "rediss://${redis_user}:${redis_password}@${REDIS_HOST}:${REDIS_PORT_NUMBER}/${REDIS_DATABASE}" - is_boolean_yes "$AIRFLOW_REDIS_USE_SSL" && airflow_conf_set "celery" "redis_backend_use_ssl" "true" - - # Configure celery backend - local -r database_user=$(airflow_encode_url "$AIRFLOW_DATABASE_USERNAME") - local -r database_password=$(airflow_encode_url "$AIRFLOW_DATABASE_PASSWORD") - local database_extra_options - is_boolean_yes "$AIRFLOW_DATABASE_USE_SSL" && database_extra_options="?sslmode=require" - airflow_conf_set "celery" "result_backend" "db+postgresql://${database_user}:${database_password}@${AIRFLOW_DATABASE_HOST}:${AIRFLOW_DATABASE_PORT_NUMBER}/${AIRFLOW_DATABASE_NAME}${database_extra_options:-}" -} - -######################## -# Wait until the database is accessible -# Globals: -# None -# Arguments: -# None -# Returns: -# true if the database connection succeeded, false otherwise -######################### -airflow_wait_for_postgresql_connection() { - if ! retry_while "airflow_execute db check"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Airflow create admin user -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_admin_user() { - info "Creating Airflow admin user" - airflow_execute users create -r "Admin" -u "$AIRFLOW_USERNAME" -e "$AIRFLOW_EMAIL" -p "$AIRFLOW_PASSWORD" -f "$AIRFLOW_FIRSTNAME" -l "$AIRFLOW_LASTNAME" -} - -######################## -# Airflow create pool -# Arguments: -# None -# Returns: -# None -######################### -airflow_create_pool() { - if [[ -n "$AIRFLOW_POOL_NAME" ]] && [[ -n "$AIRFLOW_POOL_SIZE" ]] && [[ -n "$AIRFLOW_POOL_DESC" ]]; then - info "Creating Airflow pool" - airflow_execute pool -s "$AIRFLOW_POOL_NAME" "$AIRFLOW_POOL_SIZE" "$AIRFLOW_POOL_DESC" - fi -} - -######################## -# Check if Airflow is running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is running -######################## -is_airflow_running() { - local pid - pid="$(get_pid_from_file "$AIRFLOW_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Airflow is not running -# Globals: -# AIRFLOW_PID_FILE -# Arguments: -# None -# Returns: -# Whether Airflow is not running -######################## -is_airflow_not_running() { - ! is_airflow_running -} - -######################## -# Stop Airflow -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_stop() { - info "Stopping Airflow..." - stop_service_using_pid "$AIRFLOW_PID_FILE" -} - -######################## -# Check if airflow-exporter is running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is running -######################## -is_airflow_exporter_running() { - # airflow-exporter does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "airflow-prometheus-exporter" | head -n 1 > "$AIRFLOW_EXPORTER_PID_FILE" - - local pid - pid="$(get_pid_from_file "$AIRFLOW_EXPORTER_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if airflow-exporter is not running -# Globals: -# AIRFLOW_EXPORTER_PID_FILE -# Arguments: -# None -# Returns: -# Whether airflow-exporter is not running -######################## -is_airflow_exporter_not_running() { - ! is_airflow_exporter_running -} - -######################## -# Stop airflow-exporter -# Globals: -# AIRFLOW* -# Arguments: -# None -# Returns: -# None -######################### -airflow_exporter_stop() { - info "Stopping airflow-exporter..." - stop_service_using_pid "$AIRFLOW_EXPORTER_PID_FILE" -} diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh deleted file mode 100644 index 0c921ff1d2ef..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh +++ /dev/null @@ -1,424 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PostgreSQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in POSTGRESQL_CLIENT_* environment variables -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_validate() { - info "Validating settings in POSTGRESQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - # Only validate environment variables if any action needs to be performed - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - fi - # When enabling extensions, the DB name must be provided - local -a extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then - print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set." - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_initialize() { - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - info "Trying to connect to the database server" - check_postgresql_connection() { - echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - } - if ! retry_while "check_postgresql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then - info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}" - local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD") - postgresql_ensure_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ "${#database_names[@]}" -gt 0 ]]; then - local -a createdb_args extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - for database_name in "${database_names[@]}"; do - info "Creating database ${database_name}" - createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME") - postgresql_ensure_database_exists "${createdb_args[@]}" - # Ensure the list of extensions are enabled in the specified database - if [[ "${#extensions[@]}" -gt 0 ]]; then - for extension_to_create in "${extensions[@]}"; do - echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - done - fi - done - fi - # Execute a custom SQL script - if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then - info "Executing custom SQL script" - echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - # Avoid exit code of previous commands to affect the result of this function - true -} - -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC2148 - -######################## -# Return PostgreSQL major version -# Globals: -# POSTGRESQL_* -# Arguments: -# None -# Returns: -# String -######################### -postgresql_get_major_version() { - psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+" -} - -######################## -# Gets an environment variable name based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var_value() { - local env_var_suffix="${1:?missing suffix}" - local env_var_name - for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do - env_var_name="${env_var_prefix}_${env_var_suffix}" - if [[ -n "${!env_var_name:-}" ]]; then - echo "${!env_var_name}" - break - fi - done -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service and print the output -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-postgres}" - local -r pass="${3:-}" - local opts - read -r -a opts <<<"${@:4}" - - local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}") - [[ -n "$db" ]] && args+=("-d" "$db") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - - # Execute the Query/queries from stdin - PGPASSWORD=$pass psql "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" 2>/dev/null - else - "postgresql_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute_print_output() { - local -r hostname="${1:?hostname is required}" - local -r port="${2:?port is required}" - local -a args=("-h" "$hostname" "-p" "$port") - shift 2 - "postgresql_execute_print_output" "$@" "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" 2>/dev/null - else - "postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Optionally create the given database user -# Flags: -# -p|--password - database password -# --host - database host -# --port - database port -# Arguments: -# $1 - user -# Returns: -# None -######################### -postgresql_ensure_user_exists() { - local -r user="${1:?user is missing}" - local password="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p | --password) - shift - password="${1:?missing password}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh deleted file mode 100644 index ddd1f09d06fd..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client-env.sh +++ /dev/null @@ -1,88 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for postgresql-client - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-postgresql-client}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -postgresql_client_env_vars=( - ALLOW_EMPTY_PASSWORD - POSTGRESQL_CLIENT_DATABASE_HOST - POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER - POSTGRESQL_CLIENT_POSTGRES_USER - POSTGRESQL_CLIENT_POSTGRES_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES - POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME - POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS - POSTGRESQL_CLIENT_EXECUTE_SQL - POSTGRESQL_HOST - POSTGRESQL_PORT_NUMBER - POSTGRESQL_CLIENT_ROOT_USER - POSTGRESQL_POSTGRES_USER - POSTGRESQL_ROOT_USER - POSTGRESQL_CLIENT_ROOT_PASSWORD - POSTGRESQL_POSTGRES_PASSWORD - POSTGRESQL_ROOT_PASSWORD - POSTGRESQL_CLIENT_CREATE_DATABASE_NAME - POSTGRESQL_CLIENT_CREATE_DATABASE_USER -) -for env_var in "${postgresql_client_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset postgresql_client_env_vars - -# Paths -export POSTGRESQL_BASE_DIR="/opt/bitnami/postgresql" -export POSTGRESQL_BIN_DIR="$POSTGRESQL_BASE_DIR/bin" -export PATH="${POSTGRESQL_BIN_DIR}:${PATH}" - -# PostgreSQL settings -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}" -export POSTGRESQL_CLIENT_DATABASE_HOST="${POSTGRESQL_CLIENT_DATABASE_HOST:-postgresql}" -POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}" -export POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER="${POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER:-5432}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_CLIENT_ROOT_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_POSTGRES_USER:-}"}" -POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-"${POSTGRESQL_ROOT_USER:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_USER="${POSTGRESQL_CLIENT_POSTGRES_USER:-postgres}" # only used during the first initialization -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_CLIENT_ROOT_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_POSTGRES_PASSWORD:-}"}" -POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-"${POSTGRESQL_ROOT_PASSWORD:-}"}" -export POSTGRESQL_CLIENT_POSTGRES_PASSWORD="${POSTGRESQL_CLIENT_POSTGRES_PASSWORD:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_NAME:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES="${POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES:-}" # only used during the first initialization -POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-"${POSTGRESQL_CLIENT_CREATE_DATABASE_USER:-}"}" -export POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME="${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD="${POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS="${POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS:-}" # only used during the first initialization -export POSTGRESQL_CLIENT_EXECUTE_SQL="${POSTGRESQL_CLIENT_EXECUTE_SQL:-}" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh b/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh deleted file mode 100755 index ff786a6f712b..000000000000 --- a/bitnami/airflow/2/debian-11/rootfs/opt/bitnami/scripts/postgresql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libpostgresqlclient.sh - -# Load PostgreSQL Client environment variables -. /opt/bitnami/scripts/postgresql-client-env.sh - -# Ensure PostgreSQL Client environment variables settings are valid -postgresql_client_validate -# Ensure PostgreSQL Client is initialized -postgresql_client_initialize diff --git a/bitnami/airflow/2/debian-11/tags-info.yaml b/bitnami/airflow/2/debian-11/tags-info.yaml deleted file mode 100644 index bd9d3572b884..000000000000 --- a/bitnami/airflow/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.8.1 -- latest diff --git a/bitnami/alertmanager/0/debian-11/Dockerfile b/bitnami/alertmanager/0/debian-11/Dockerfile deleted file mode 100644 index a6a9cac994cc..000000000000 --- a/bitnami/alertmanager/0/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T20:59:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.26.0-debian-11-r73" \ - org.opencontainers.image.title="alertmanager" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.26.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "alertmanager-0.26.0-14-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN ln -sf /opt/bitnami/alertmanager/conf /etc/alertmanager -RUN ln -sf /opt/bitnami/alertmanager/data /alertmanager -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -RUN mkdir -p /opt/bitnami/alertmanager/data/ && chmod g+rwX /opt/bitnami/alertmanager/data/ -ENV APP_VERSION="0.26.0" \ - BITNAMI_APP_NAME="alertmanager" \ - PATH="/opt/bitnami/alertmanager/bin:$PATH" - -EXPOSE 9093 - -WORKDIR /opt/bitnami/alertmanager -USER 1001 -ENTRYPOINT [ "/opt/bitnami/alertmanager/bin/alertmanager" ] -CMD [ "--config.file=/opt/bitnami/alertmanager/conf/config.yml", "--storage.path=/opt/bitnami/alertmanager/data" ] diff --git a/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 148d982fd7f6..000000000000 --- a/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "alertmanager": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.26.0-14" - } -} \ No newline at end of file diff --git a/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/alertmanager/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/alertmanager/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/alertmanager/0/debian-11/tags-info.yaml b/bitnami/alertmanager/0/debian-11/tags-info.yaml deleted file mode 100644 index 12f63ab2e007..000000000000 --- a/bitnami/alertmanager/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.26.0 -- latest diff --git a/bitnami/apache-exporter/1/debian-11/Dockerfile b/bitnami/apache-exporter/1/debian-11/Dockerfile deleted file mode 100644 index 0b8e0dcecd79..000000000000 --- a/bitnami/apache-exporter/1/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:01:52Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.0.6-debian-11-r21" \ - org.opencontainers.image.title="apache-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.0.6" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "apache-exporter-1.0.6-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y ca-certificates curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN ln -sf /opt/bitnami/apache-exporter/bin/apache_exporter /bin/apache_exporter -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.0.6" \ - BITNAMI_APP_NAME="apache-exporter" \ - PATH="/opt/bitnami/apache-exporter/bin:$PATH" - -EXPOSE 9117 - -WORKDIR /opt/bitnami/apache-exporter -USER 1001 -ENTRYPOINT [ "apache_exporter" ] diff --git a/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 130f354222d2..000000000000 --- a/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "apache-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-2" - } -} \ No newline at end of file diff --git a/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/apache-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/apache-exporter/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/apache-exporter/1/debian-11/tags-info.yaml b/bitnami/apache-exporter/1/debian-11/tags-info.yaml deleted file mode 100644 index 89587f2c0421..000000000000 --- a/bitnami/apache-exporter/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.0.6 -- latest diff --git a/bitnami/apache/2.4/debian-11/Dockerfile b/bitnami/apache/2.4/debian-11/Dockerfile deleted file mode 100644 index f13c15c5974a..000000000000 --- a/bitnami/apache/2.4/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:08:44Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.4.58-debian-11-r29" \ - org.opencontainers.image.title="apache" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.4.58" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libexpat1 libffi7 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libicu67 libidn2-0 libldap-2.4-2 liblzma5 libnettle8 libnghttp2-14 libp11-kit0 libpcre3 libsasl2-2 libssl1.1 libstdc++6 libtasn1-6 libunistring2 libxml2 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-7-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="2.4.58" \ - BITNAMI_APP_NAME="apache" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/apache/bin:$PATH" - -EXPOSE 8080 8443 - -WORKDIR /app -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/apache/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/apache/run.sh" ] diff --git a/bitnami/apache/2.4/debian-11/docker-compose.yml b/bitnami/apache/2.4/debian-11/docker-compose.yml deleted file mode 100644 index 8dc387641215..000000000000 --- a/bitnami/apache/2.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - apache: - image: docker.io/bitnami/apache:2.4 - ports: - - 80:8080 - - 443:8443 diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f1e9a18a6f87..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-7" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - } -} \ No newline at end of file diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/apache/2.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-http-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-http-vhost.conf.tpl deleted file mode 100644 index b434680af734..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-http-vhost.conf.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/apache/2.4/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/apache/2.4/debian-11/tags-info.yaml b/bitnami/apache/2.4/debian-11/tags-info.yaml deleted file mode 100644 index 792118d14f21..000000000000 --- a/bitnami/apache/2.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2.4" -- 2.4-debian-11 -- 2.4.58 -- latest diff --git a/bitnami/apisix-dashboard/3/debian-11/Dockerfile b/bitnami/apisix-dashboard/3/debian-11/Dockerfile deleted file mode 100644 index dd98b57e661f..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T14:55:15Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.0.1-debian-11-r160" \ - org.opencontainers.image.title="apisix-dashboard" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.0.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "apisix-dashboard-3.0.1-20-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN mkdir -p /opt/bitnami/apisix-dashboard/logs && chmod g+rwX /opt/bitnami/apisix-dashboard/logs -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root apisix-dashboard -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="3.0.1" \ - BITNAMI_APP_NAME="apisix-dashboard" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/apisix-dashboard:$PATH" - -WORKDIR /opt/bitnami/apisix-dashboard -USER 1001 -ENTRYPOINT [ "/opt/bitnami/apisix-dashboard/manager-api" ] diff --git a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 587c97404aed..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "apisix-dashboard": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.0.1-20" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/apisix-dashboard/3/debian-11/tags-info.yaml b/bitnami/apisix-dashboard/3/debian-11/tags-info.yaml deleted file mode 100644 index 725d565b266a..000000000000 --- a/bitnami/apisix-dashboard/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.0.1 -- latest diff --git a/bitnami/apisix-ingress-controller/1/debian-11/Dockerfile b/bitnami/apisix-ingress-controller/1/debian-11/Dockerfile deleted file mode 100644 index 1e5d84f38368..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:14:43Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.8.0-debian-11-r24" \ - org.opencontainers.image.title="apisix-ingress-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.8.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "apisix-ingress-controller-1.8.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root apisix-ingress-controller -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.8.0" \ - BITNAMI_APP_NAME="apisix-ingress-controller" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/apisix-ingress-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/apisix-ingress-controller/bin/apisix-ingress-controller" ] diff --git a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 7318ce96cc96..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "apisix-ingress-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.8.0-3" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/apisix-ingress-controller/1/debian-11/tags-info.yaml b/bitnami/apisix-ingress-controller/1/debian-11/tags-info.yaml deleted file mode 100644 index 96825eeb2c81..000000000000 --- a/bitnami/apisix-ingress-controller/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.8.0 -- latest diff --git a/bitnami/apisix/3/debian-11/Dockerfile b/bitnami/apisix/3/debian-11/Dockerfile deleted file mode 100644 index c601615e23f7..000000000000 --- a/bitnami/apisix/3/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:16:54Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.8.0-debian-11-r23" \ - org.opencontainers.image.title="apisix" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.8.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libffi7 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libidn2-0 libldap-2.4-2 libnettle8 libp11-kit0 libpcre3 libsasl2-2 libstdc++6 libtasn1-6 libunistring2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "apisix-3.8.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root apisix -RUN chmod g+rwX /opt/bitnami/apisix/conf && mkdir -p /usr/local/apisix/logs && chmod -R g+rwX /usr/local/apisix && ln -s /opt/bitnami/apisix/conf /usr/local/apisix && ln -s /opt/bitnami/apisix/deps /usr/local/apisix && ln -s /opt/bitnami/apisix/openresty/luajit/share/lua/*/apisix /usr/local/apisix -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="3.8.0" \ - BITNAMI_APP_NAME="apisix" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/apisix/bin:/opt/bitnami/apisix/openresty/bin:/opt/bitnami/apisix/openresty/luajit/bin:/opt/bitnami/apisix/openresty/luarocks/bin:/opt/bitnami/apisix/openresty/nginx/sbin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/apisix/bin/apisix" ] diff --git a/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8498ba810b25..000000000000 --- a/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "apisix": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.8.0-3" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/apisix/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/apisix/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/apisix/3/debian-11/tags-info.yaml b/bitnami/apisix/3/debian-11/tags-info.yaml deleted file mode 100644 index 8d1d7c002ed3..000000000000 --- a/bitnami/apisix/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.8.0 -- latest diff --git a/bitnami/appsmith/1/debian-11/Dockerfile b/bitnami/appsmith/1/debian-11/Dockerfile deleted file mode 100644 index 7a2d4869d9c8..000000000000 --- a/bitnami/appsmith/1/debian-11/Dockerfile +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:16:00Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.13.0-debian-11-r1" \ - org.opencontainers.image.title="appsmith" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.13.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl gettext libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgeoip1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libpcre3 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "nginx-1.25.4-0-linux-${OS_ARCH}-debian-11" \ - "mongodb-shell-2.1.4-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "appsmith-1.13.0-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/nginx/postunpack.sh -RUN /opt/bitnami/scripts/appsmith/postunpack.sh -ENV APP_VERSION="1.13.0" \ - BITNAMI_APP_NAME="appsmith" \ - NGINX_HTTPS_PORT_NUMBER="" \ - NGINX_HTTP_PORT_NUMBER="" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/python/bin:/opt/bitnami/node/bin:/opt/bitnami/nginx/sbin:/opt/bitnami/mongodb/bin:/opt/bitnami/java/bin:$PATH" - -EXPOSE 3000 8080 8091 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/appsmith/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/appsmith/run.sh" ] diff --git a/bitnami/appsmith/1/debian-11/docker-compose.yml b/bitnami/appsmith/1/debian-11/docker-compose.yml deleted file mode 100644 index 3ca1cc0241f8..000000000000 --- a/bitnami/appsmith/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mongodb: - image: docker.io/bitnami/mongodb:7.0 - volumes: - - 'mongodb_data:/bitnami/mongodb' - environment: - - MONGODB_ADVERTISED_HOSTNAME=mongodb - - MONGODB_USERNAME=bn_appsmith - - MONGODB_DATABASE=bitnami_appsmith - - MONGODB_PASSWORD=bitnami123 - - MONGODB_ROOT_PASSWORD=password123 - - MONGODB_REPLICA_SET_MODE=primary - - MONGODB_REPLICA_SET_KEY=replicasetkey123 - - mongodb-secondary: - image: docker.io/bitnami/mongodb:7.0 - depends_on: - - mongodb - volumes: - - 'mongodb_secondary_data:/bitnami/mongodb' - environment: - - MONGODB_ADVERTISED_HOSTNAME=mongodb-secondary - - MONGODB_REPLICA_SET_MODE=secondary - - MONGODB_INITIAL_PRIMARY_HOST=mongodb - - MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD=password123 - - MONGODB_REPLICA_SET_KEY=replicasetkey123 - redis: - image: docker.io/bitnami/redis:7.0 - volumes: - - 'redis_data:/bitnami/redis' - environment: - - REDIS_PASSWORD=bitnami123 - appsmith: - image: docker.io/bitnami/appsmith:1 - environment: - - APPSMITH_MODE=client - - APPSMITH_API_HOST=appsmith-api - - APPSMITH_RTS_HOST=appsmith-rts - ports: - - 80:8080 - appsmith-api: - image: docker.io/bitnami/appsmith:1 - environment: - - APPSMITH_MODE=backend - - BITNAMI_DEBUG=true - - APPSMITH_API_HOST=appsmith-api - - APPSMITH_DATABASE_HOST=mongodb,mongodb-secondary - - APPSMITH_DATABASE_PORT_NUMBER=27017 - - APPSMITH_DATABASE_USER=bn_appsmith - - APPSMITH_DATABASE_NAME=bitnami_appsmith - - APPSMITH_DATABASE_PASSWORD=bitnami123 - - APPSMITH_REDIS_PASSWORD=bitnami123 - - APPSMITH_ENCRYPTION_PASSWORD=test123 - - APPSMITH_ENCRYPTION_SALT=testsalt123 - # Hack: This is only necessary in docker-compose - - APPSMITH_DATABASE_INIT_DELAY=90 - volumes: - - 'appsmith_backend_data:/bitnami/appsmith' - appsmith-rts: - image: docker.io/bitnami/appsmith:1 - environment: - - APPSMITH_MODE=rts - - APPSMITH_API_HOST=appsmith-api - - APPSMITH_DATABASE_HOST=mongodb,mongodb-secondary - - APPSMITH_DATABASE_PORT_NUMBER=27017 - - APPSMITH_DATABASE_USER=bn_appsmith - - APPSMITH_DATABASE_NAME=bitnami_appsmith - - APPSMITH_DATABASE_PASSWORD=bitnami123 - # Hack: This is only necessary in docker-compose - - APPSMITH_DATABASE_INIT_DELAY=60 -volumes: - mongodb_data: - driver: local - mongodb_secondary_data: - driver: local - redis_data: - driver: local - appsmith_backend_data: - driver: local diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 374da1fb0b4e..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "appsmith": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.13.0-0" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "mongodb-shell": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.1.4-0" - }, - "nginx": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.4-0" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/appsmith/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf deleted file mode 100644 index 2ddab8c9a1e0..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Deny all attempts to access hidden files such as .htaccess or .htpasswd -location ~ /\. { - deny all; -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf deleted file mode 100644 index 9833b1cfd043..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf +++ /dev/null @@ -1,60 +0,0 @@ -# Based on https://www.nginx.com/resources/wiki/start/topics/examples/full/#nginx-conf -user www www; ## Default: nobody - -worker_processes auto; -error_log "/opt/bitnami/nginx/logs/error.log"; -pid "/opt/bitnami/nginx/tmp/nginx.pid"; - -events { - worker_connections 1024; -} - -http { - include mime.types; - default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] ' - '"$request" $status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - access_log "/opt/bitnami/nginx/logs/access.log" main; - add_header X-Frame-Options SAMEORIGIN; - - client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2; - proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2; - fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2; - scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2; - uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2; - - sendfile on; - tcp_nopush on; - tcp_nodelay off; - gzip on; - gzip_http_version 1.0; - gzip_comp_level 2; - gzip_proxied any; - gzip_types text/plain text/css application/javascript text/xml application/xml+rss; - keepalive_timeout 65; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305; - client_max_body_size 80M; - server_tokens off; - - absolute_redirect off; - port_in_redirect off; - - include "/opt/bitnami/nginx/conf/server_blocks/*.conf"; - - # HTTP Server - server { - # Port to listen on, can also be set in IP:PORT format - listen 80; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - } -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith-env.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith-env.sh deleted file mode 100644 index 4d64105fee26..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith-env.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for appsmith - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-appsmith}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -appsmith_env_vars=( - ALLOW_EMPTY_PASSWORD - APPSMITH_USERNAME - APPSMITH_PASSWORD - APPSMITH_EMAIL - APPSMITH_MODE - APPSMITH_ENCRYPTION_PASSWORD - APPSMITH_ENCRYPTION_SALT - APPSMITH_API_HOST - APPSMITH_API_PORT - APPSMITH_UI_HTTP_PORT - APPSMITH_UI_HTTPS_PORT - APPSMITH_RTS_HOST - APPSMITH_RTS_PORT - APPSMITH_DATABASE_HOST - APPSMITH_DATABASE_PORT_NUMBER - APPSMITH_DATABASE_NAME - APPSMITH_DATABASE_USER - APPSMITH_DATABASE_PASSWORD - APPSMITH_DATABASE_INIT_DELAY - APPSMITH_REDIS_HOST - APPSMITH_REDIS_PORT_NUMBER - APPSMITH_REDIS_PASSWORD - APPSMITH_STARTUP_TIMEOUT - APPSMITH_STARTUP_ATTEMPTS - APPSMITH_DATA_TO_PERSIST - MONGODB_HOST - MONGODB_PORT_NUMBER - MONGODB_DATABASE_NAME - MONGODB_DATABASE_USER - MONGODB_DATABASE_PASSWORD - REDIS_HOST - REDIS_PORT_NUMBER - REDIS_PASSWORD -) -for env_var in "${appsmith_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset appsmith_env_vars - -# Paths -export APPSMITH_BASE_DIR="${BITNAMI_ROOT_DIR}/appsmith" -export APPSMITH_VOLUME_DIR="/bitnami/appsmith" -export APPSMITH_LOG_DIR="${APPSMITH_BASE_DIR}/logs" -export APPSMITH_LOG_FILE="${APPSMITH_LOG_DIR}/appsmith.log" -export APPSMITH_CONF_DIR="${APPSMITH_BASE_DIR}/conf" -export APPSMITH_CONF_FILE="${APPSMITH_CONF_DIR}/docker.env" -export APPSMITH_TMP_DIR="${APPSMITH_BASE_DIR}/tmp" -export APPSMITH_PID_FILE="${APPSMITH_TMP_DIR}/appsmith.pid" - -# Appsmith configuration parameters -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export APPSMITH_USERNAME="${APPSMITH_USERNAME:-user}" # only used during the first initialization -export APPSMITH_PASSWORD="${APPSMITH_PASSWORD:-bitnami}" # only used during the first initialization -export APPSMITH_EMAIL="${APPSMITH_EMAIL:-user@example.com}" # only used during the first initialization -export APPSMITH_MODE="${APPSMITH_MODE:-backend}" -export APPSMITH_ENCRYPTION_PASSWORD="${APPSMITH_ENCRYPTION_PASSWORD:-bitnami123}" # only used during the first initialization -export APPSMITH_ENCRYPTION_SALT="${APPSMITH_ENCRYPTION_SALT:-}" -export APPSMITH_API_HOST="${APPSMITH_API_HOST:-appsmith-api}" -export APPSMITH_API_PORT="${APPSMITH_API_PORT:-8080}" -export APPSMITH_UI_HTTP_PORT="${APPSMITH_UI_HTTP_PORT:-8080}" -export APPSMITH_UI_HTTPS_PORT="${APPSMITH_UI_HTTPS_PORT:-8443}" -export APPSMITH_RTS_HOST="${APPSMITH_RTS_HOST:-appsmith-rts}" -export APPSMITH_RTS_PORT="${APPSMITH_RTS_PORT:-8091}" -APPSMITH_DATABASE_HOST="${APPSMITH_DATABASE_HOST:-"${MONGODB_HOST:-}"}" -export APPSMITH_DATABASE_HOST="${APPSMITH_DATABASE_HOST:-mongodb}" # only used during the first initialization -APPSMITH_DATABASE_PORT_NUMBER="${APPSMITH_DATABASE_PORT_NUMBER:-"${MONGODB_PORT_NUMBER:-}"}" -export APPSMITH_DATABASE_PORT_NUMBER="${APPSMITH_DATABASE_PORT_NUMBER:-27017}" # only used during the first initialization -APPSMITH_DATABASE_NAME="${APPSMITH_DATABASE_NAME:-"${MONGODB_DATABASE_NAME:-}"}" -export APPSMITH_DATABASE_NAME="${APPSMITH_DATABASE_NAME:-bitnami_appsmith}" # only used during the first initialization -APPSMITH_DATABASE_USER="${APPSMITH_DATABASE_USER:-"${MONGODB_DATABASE_USER:-}"}" -export APPSMITH_DATABASE_USER="${APPSMITH_DATABASE_USER:-bn_appsmith}" # only used during the first initialization -APPSMITH_DATABASE_PASSWORD="${APPSMITH_DATABASE_PASSWORD:-"${MONGODB_DATABASE_PASSWORD:-}"}" -export APPSMITH_DATABASE_PASSWORD="${APPSMITH_DATABASE_PASSWORD:-}" # only used during the first initialization -export APPSMITH_DATABASE_INIT_DELAY="${APPSMITH_DATABASE_INIT_DELAY:-0}" -APPSMITH_REDIS_HOST="${APPSMITH_REDIS_HOST:-"${REDIS_HOST:-}"}" -export APPSMITH_REDIS_HOST="${APPSMITH_REDIS_HOST:-redis}" # only used during the first initialization -APPSMITH_REDIS_PORT_NUMBER="${APPSMITH_REDIS_PORT_NUMBER:-"${REDIS_PORT_NUMBER:-}"}" -export APPSMITH_REDIS_PORT_NUMBER="${APPSMITH_REDIS_PORT_NUMBER:-6379}" # only used during the first initialization -APPSMITH_REDIS_PASSWORD="${APPSMITH_REDIS_PASSWORD:-"${REDIS_PASSWORD:-}"}" -export APPSMITH_REDIS_PASSWORD="${APPSMITH_REDIS_PASSWORD:-}" # only used during the first initialization -export APPSMITH_STARTUP_TIMEOUT="${APPSMITH_STARTUP_TIMEOUT:-120}" -export APPSMITH_STARTUP_ATTEMPTS="${APPSMITH_STARTUP_ATTEMPTS:-5}" -export APPSMITH_DATA_TO_PERSIST="${APPSMITH_DATA_TO_PERSIST:-$APPSMITH_CONF_FILE}" - -# Appsmith system parameters -export APPSMITH_DAEMON_USER="appsmith" -export APPSMITH_DAEMON_GROUP="appsmith" - -# Custom environment variables may be defined below diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/entrypoint.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/entrypoint.sh deleted file mode 100755 index b108002acc2f..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/entrypoint.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Appsmith environment variables -. /opt/bitnami/scripts/appsmith-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/appsmith/run.sh" ]]; then - info "** Starting Appsmith ${APPSMITH_MODE} setup **" - /opt/bitnami/scripts/appsmith/setup.sh - if [[ "$APPSMITH_MODE" == "client" ]]; then - # In the case of the frontend, we need to configure nginx too - /opt/bitnami/scripts/nginx/setup.sh - fi - info "** Appsmith ${APPSMITH_MODE} setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/postunpack.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/postunpack.sh deleted file mode 100755 index f0e148aaf4c3..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libwebserver.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libappsmith.sh - -# Load Appsmith environment variables -. /opt/bitnami/scripts/appsmith-env.sh - -# Load web server environment -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# System User -ensure_user_exists "$APPSMITH_DAEMON_USER" --group "$APPSMITH_DAEMON_GROUP" --system - -for dir in "${APPSMITH_CONF_DIR}" "${APPSMITH_LOG_DIR}" "${APPSMITH_TMP_DIR}" "${APPSMITH_VOLUME_DIR}"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$APPSMITH_DAEMON_USER" -g "root" -done - -# Generate default configuration file -# https://github.com/appsmithorg/appsmith/blob/release/deploy/docker/templates/docker.env.sh#L14 -bash "${APPSMITH_BASE_DIR}/templates/docker.env.sh" "" "" "" "" "" >"${APPSMITH_CONF_FILE}" -chmod -R g+rwX "${APPSMITH_CONF_FILE}" - -# Add symlinks to the default paths to make a similar UX as the upstream Appsmith container -# https://github.com/appsmithorg/appsmith/blob/release/Dockerfile#L6 -ln -s "${APPSMITH_BASE_DIR}" "/opt/appsmith" diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/run.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/run.sh deleted file mode 100755 index fc31313e2010..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/run.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libappsmith.sh - -# Load Appsmith environment variables -. /opt/bitnami/scripts/appsmith-env.sh - -# We need to load in the environment the Appsmith configuration file in order -# for the application to work. Using a similar approach as the upstream container -# https://github.com/appsmithorg/appsmith/blob/v1.9.12/deploy/docker/entrypoint.sh#L58-L63 -set -a -. "$APPSMITH_CONF_FILE" -set +a - -appsmith_unset_unused_variables - -declare -a cmd=() -declare -a args=() - -if [[ "$APPSMITH_MODE" == "backend" ]]; then - # We need to be in the same folder or the application will fail for not finding - # the datasource plugins - # https://github.com/appsmithorg/appsmith/blob/release/app/server/entrypoint.sh#L15 - cd "${APPSMITH_BASE_DIR}/backend" || exit 1 - cmd+=("java") - args+=("-Dserver.port=${APPSMITH_API_PORT}" "-Dappsmith.admin.envfile=${APPSMITH_CONF_FILE}" "-Djava.security.egd=file:/dev/./urandom" "-jar" "${APPSMITH_BASE_DIR}/backend/server.jar") -elif [[ "$APPSMITH_MODE" == "rts" ]]; then - # We need to be in the same folder as the server.js script or it will fail - # https://github.com/appsmithorg/appsmith/blob/release/app/rts/start-server.sh#L5 - cd "${APPSMITH_BASE_DIR}/rts" || exit 1 - export PORT="$APPSMITH_RTS_PORT" - cmd+=("node") - args+=("${APPSMITH_BASE_DIR}/rts/bundle/server.js") -else - # For the Client (UI) we just run nginx with the generated configuration - cmd+=("${BITNAMI_ROOT_DIR}/scripts/nginx/run.sh") -fi - -info "** Starting Appsmith ${APPSMITH_MODE} **" -if am_i_root; then - exec_as_user "$APPSMITH_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/setup.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/setup.sh deleted file mode 100755 index cda4e153c77d..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/appsmith/setup.sh +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libwebserver.sh -. /opt/bitnami/scripts/libappsmith.sh - -# Load Appsmith environment settings -. /opt/bitnami/scripts/appsmith-env.sh - -# Load web server environment (after WordPress environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure Appsmith environment settings are valid -appsmith_validate -# Ensure Appsmith is stopped when this script ends. -trap "appsmith_backend_stop" EXIT -# Ensure 'appsmith' user exists when running as 'root' -am_i_root && ensure_user_exists "$APPSMITH_DAEMON_USER" --group "$APPSMITH_DAEMON_GROUP" - -# Nginx configuration, based on upstream nginx configuration but removing hardcoded references to localhost -# https://github.com/appsmithorg/appsmith/blob/release/deploy/docker/templates/nginx/nginx-app-http.conf.template.sh#L102 -ensure_web_server_app_configuration_exists "appsmith" \ - --document-root /opt/bitnami/appsmith/editor \ - --http-port "$APPSMITH_UI_HTTP_PORT" \ - --https-port "$APPSMITH_UI_HTTPS_PORT" \ - --nginx-external-configuration $' -map $http_x_forwarded_proto $origin_scheme { - default $http_x_forwarded_proto; - \'\' $scheme; -} - -map $http_x_forwarded_host $origin_host { - default $http_x_forwarded_host; - \'\' $host; -} -' \ - --nginx-additional-configuration " -client_max_body_size 100m; - -gzip on; -gzip_types *; - -server_tokens off; -index index.html index.htm; -error_page 404 /; - -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors -add_header Content-Security-Policy \"frame-ancestors 'self' *\"; - -proxy_set_header X-Forwarded-Proto \$origin_scheme; -proxy_set_header X-Forwarded-Host \$origin_host; - -location / { - try_files \$uri /index.html =404; -} - -location /api { - proxy_set_header X-Forwarded-Proto \$scheme; - proxy_set_header X-Forwarded-Host \$host; - proxy_pass http://${APPSMITH_API_HOST}:${APPSMITH_API_PORT}; -} - -location /oauth2 { - proxy_set_header X-Forwarded-Proto \$scheme; - proxy_set_header X-Forwarded-Host \$host; - proxy_pass http://${APPSMITH_API_HOST}:${APPSMITH_API_PORT}; -} - -location /login { - proxy_set_header X-Forwarded-Proto \$scheme; - proxy_set_header X-Forwarded-Host \$host; - proxy_pass http://${APPSMITH_API_HOST}:${APPSMITH_API_PORT}; -} - -location /rts { - proxy_pass http://${APPSMITH_RTS_HOST}:${APPSMITH_RTS_PORT}; - proxy_http_version 1.1; - proxy_set_header Host \$host; - proxy_set_header Connection 'upgrade'; - proxy_set_header Upgrade \$http_upgrade; -} -" - -appsmith_initialize diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libappsmith.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libappsmith.sh deleted file mode 100644 index 2f8b53be6c68..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libappsmith.sh +++ /dev/null @@ -1,446 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Appsmith library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APPSMITH_* env vars -# Globals: -# APPSMITH_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -appsmith_validate() { - debug "Validating settings in APPSMITH_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - ! is_empty_value "$APPSMITH_API_PORT" && check_valid_port "APPSMITH_API_PORT" - ! is_empty_value "$APPSMITH_RTS_PORT" && check_valid_port "APPSMITH_RTS_PORT" - - if [[ "$APPSMITH_MODE" == "client" ]]; then - ! is_empty_value "$APPSMITH_UI_HTTP_PORT" && check_valid_port "APPSMITH_UI_HTTP_PORT" - fi - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - else - if [[ "$APPSMITH_MODE" != "client" ]]; then - is_empty_value "${APPSMITH_DATABASE_PASSWORD}" && print_validation_error "The APPSMITH_DATABASE_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - if [[ "$APPSMITH_MODE" == "backend" ]]; then - is_empty_value "${APPSMITH_REDIS_PASSWORD}" && print_validation_error "The APPSMITH_REDIS_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - fi - - if [[ "$APPSMITH_MODE" == "backend" ]]; then - for empty_env_var in "APPSMITH_ENCRYPTION_PASSWORD" "APPSMITH_ENCRYPTION_SALT"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set." - done - fi - - if [[ "$APPSMITH_MODE" != "client" ]]; then - # Database configuration validations - check_resolved_hostname "$APPSMITH_DATABASE_HOST" - check_valid_port "APPSMITH_DATABASE_PORT_NUMBER" - - # Redis configuration validations - check_resolved_hostname "$APPSMITH_REDIS_HOST" - check_valid_port "APPSMITH_REDIS_PORT_NUMBER" - fi - # Appsmith mode - check_multi_value "APPSMITH_MODE" "backend rts client" - - if [[ $APPSMITH_MODE == "rts" ]]; then - is_empty_value "${APPSMITH_API_HOST}" && print_validation_error "For RTS mode, the APPSMITH_API_HOST variable must be set" - fi - - if [[ $APPSMITH_MODE == "client" ]]; then - is_empty_value "${APPSMITH_API_HOST}" && print_validation_error "For client mode, the APPSMITH_API_HOST variable must be set" - is_empty_value "${APPSMITH_RTS_HOST}" && print_validation_error "For client mode, the APPSMITH_API_HOST variable must be set" - fi - - return "$error_code" -} - -######################## -# Add or modify an entry in the Appsmith configuration file -# Globals: -# APPSMITH_* -# Arguments: -# $1 - XPath expression -# $2 - Value to assign to the variable -# $3 - Configuration file -# Returns: -# None -######################### -appsmith_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r is_literal="${3:-no}" - debug "Setting ${key} to '${value}' in Appsmith configuration (literal: ${is_literal})" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="${key}=.*" - local entry - is_boolean_yes "$is_literal" && entry="${key}=${value}" || entry="${key}='${value}'" - # Check if the configuration exists in the file - debug "$sanitized_pattern" - if grep -q -E "$sanitized_pattern" "$APPSMITH_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$APPSMITH_CONF_FILE" "$sanitized_pattern" "$entry" - else - # The Appsmith configuration file includes all supported keys, but because of its format, - # we cannot append contents to the end. - warn "Could not set the Appsmith '${key}' configuration. Check that the file has not been modified externally." - fi -} - -######################## -# Check if Appsmith backend daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_appsmith_backend_running() { - # appsmith-backend does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "${APPSMITH_BASE_DIR}/backend/server.jar" | head -n 1 > "$APPSMITH_PID_FILE" - - pid="$(get_pid_from_file "$APPSMITH_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Appsmith backend daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_appsmith_backend_not_running() { - ! is_appsmith_backend_running -} - -######################## -# Stop Appsmith backend daemon -# Arguments: -# None -# Returns: -# None -######################### -appsmith_backend_stop() { - ! is_appsmith_backend_running && return - stop_service_using_pid "$APPSMITH_PID_FILE" -} - -######################## -# Check if Appsmith rts daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_appsmith_rts_running() { - # appsmith-rts does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "${APPSMITH_BASE_DIR}/rts/bundle/server.js" | head -n 1 > "$APPSMITH_RTS_PID_FILE" - - pid="$(get_pid_from_file "$APPSMITH_RTS_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Appsmith rts daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_appsmith_rts_not_running() { - ! is_appsmith_rts_running -} - -######################## -# Stop Appsmith rts daemon -# Arguments: -# None -# Returns: -# None -######################### -appsmith_rts_stop() { - ! is_appsmith_rts_running && return - stop_service_using_pid "$APPSMITH_RTS_PID_FILE" -} - -######################## -# Get a configuration setting value from the configuration file(s) -# Globals: -# APPSMITH_* -# Arguments: -# $1 - property key -# $2 - configuration file (optional) -# Returns: -# String (empty string if file or key doesn't exist) -######################### -appsmith_conf_get() { - local -r key="${1:?key missing}" - local -r file="${2:-"${APPSMITH_CONF_FILE}"}" - - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(//\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<<"$key")=(.*)" - grep -E "$sanitized_pattern" "$file" | sed -E "s|${sanitized_pattern}|\2|" | tr -d "\"' " -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - connection string -# Returns: -# true if the database connection succeeded, false otherwise -######################### -appsmith_wait_for_mongodb_connection() { - local -r connection_string="${1:?missing connection string}" - check_mongodb_connection() { - local -r mongo_args=("$connection_string" "--eval" "db.stats()") - local -r res=$(mongosh "${mongo_args[@]}") - debug "$res" - echo "$res" | grep -q 'ok: 1' - } - if ! retry_while "check_mongodb_connection"; then - error "Could not connect to the database" - return 1 - fi - # HACK: The MongoDB Replica Set initialization requires the MongoDB cluster to be - # accessible during the initial sync. After that, the secondary nodes shut downs and then - # starts again (this is how the current Bitnami MongoDB container works). In the case of - # docker-compose scenarios, we experienced several race conditions, as the cluster is ready - # (performing the initial sync) but the MongoDB container initialization logic is not finished yet. - # As a workaround, only in docker-compose we add this extra delay to ensure that Appsmith components - # do not crash. In the case of helm charts, we have readiness/liveness probes as well as init containers - # that avoid this unwanted race condition. - if [[ "$APPSMITH_DATABASE_INIT_DELAY" -ge "0" ]]; then - info "Sleeping $APPSMITH_DATABASE_INIT_DELAY seconds for the MongoDB cluster to be ready" - sleep "$APPSMITH_DATABASE_INIT_DELAY" - fi -} - -######################## -# Initialize Appsmith -# Arguments: -# None -# Returns: -# None -######################### -appsmith_initialize() { - # The logic is inspired on the upstream Appsmith container. Currently it follows a "fat-container" - # approach with all the services in the container. In the Bitnami version we want to keep them separate - # as it works better for the helm chart - # Appsmith is comprised of three components: - # - backend: API written in Java. The client (UI) component interacts with it. Connects to MongoDB and Redis - # - client: Web UI. Point of access for users. Has nginx as the backend. Connects to the API and the RTS. - # - rts: Component written in Node.js. Creates websockets for editing the applications in real-time. Connects to the API and MongoDB - # https://github.com/appsmithorg/appsmith/tree/release/deploy/docker - - # The client (UI) only needs to generate the nginx vhost configuration - if [[ "$APPSMITH_MODE" != "client" ]]; then - # RTS or API server - if { [[ "$APPSMITH_MODE" == "rts" ]]; } || { ! is_app_initialized "appsmith"; }; then - info "Deploying Appsmith $APPSMITH_MODE from scratch" - # First connect to the database - # Appsmith (especially the RTS component) requires the MongoDB instance to be a Replica Set. - # We performed tests with single-node replica sets but didn't work as expected in container - # re-creation scenarios. - local connection_string="mongodb://${APPSMITH_DATABASE_USER}:${APPSMITH_DATABASE_PASSWORD}@" - local add_comma=false - for host in ${APPSMITH_DATABASE_HOST//,/ }; do - if is_boolean_yes "$add_comma"; then - connection_string+="," - else - add_comma=true - fi - connection_string+="${host}:${APPSMITH_DATABASE_PORT_NUMBER}" - done - connection_string+="/${APPSMITH_DATABASE_NAME}" - appsmith_wait_for_mongodb_connection "$connection_string" - - # These parameters are common between RTS and Backend - # https://github.com/appsmithorg/appsmith/blob/658e369f4fc2f12445af5b238bc4d4a1a34d9a8b/app/rts/.env.example#L1-L3 - appsmith_conf_set "APPSMITH_MONGODB_URI" "$connection_string" - appsmith_conf_set "APPSMITH_API_BASE_URL" "http://${APPSMITH_API_HOST}:${APPSMITH_API_PORT}/api/v1" - - if [[ "$APPSMITH_MODE" == "backend" ]]; then - # Necessary configuration for the Backend. As this can be edited via the - # admin panel, we only edit it the first time - # https://github.com/appsmithorg/appsmith/blob/release/app/server/appsmith-server/src/main/resources/application.properties - appsmith_conf_set "APPSMITH_MONGODB_PASSWORD" "$APPSMITH_DATABASE_PASSWORD" - appsmith_conf_set "APPSMITH_MONGODB_USER" "$APPSMITH_DATABASE_USER" - appsmith_conf_set "APPSMITH_REDIS_URL" "redis://:${APPSMITH_REDIS_PASSWORD}@${APPSMITH_REDIS_HOST}:${APPSMITH_REDIS_PORT_NUMBER}" - appsmith_conf_set "APPSMITH_ENCRYPTION_PASSWORD" "$APPSMITH_ENCRYPTION_PASSWORD" - appsmith_conf_set "APPSMITH_ENCRYPTION_SALT" "$APPSMITH_ENCRYPTION_SALT" - info "Ensuring Appsmith directories exist" - ensure_dir_exists "$APPSMITH_VOLUME_DIR" - info "Persisting Appsmith installation" - persist_app "appsmith" "$APPSMITH_DATA_TO_PERSIST" - - # Create Appsmith user - appsmith_backend_start_bg "${APPSMITH_LOG_DIR}/appsmith_first_boot.log" - info "Creating admin user" - local -r -a create_user_cmd=("curl") - # Taken from inspecting Appsmith wizard - # https://github.com/appsmithorg/appsmith/blob/release/app/server/appsmith-server/src/main/java/com/appsmith/server/dtos/UserSignupRequestDTO.java#L26 - # Necessary for the installer to succeed - local -r -a create_user_args=("-L" "http://localhost:${APPSMITH_API_PORT}/api/v1/users/super" - "-H" "Origin: http://localhost:${APPSMITH_API_PORT}" - "-H" "Content-Type: application/x-www-form-urlencoded" - "--data-urlencode" "name=${APPSMITH_USERNAME}" - "--data-urlencode" "email=${APPSMITH_EMAIL}" - "--data-urlencode" "password=${APPSMITH_PASSWORD}" - "--data-urlencode" "allowCollectingAnnonymousData=false" - "--data-urlencode" "signupForNewsletter=false") - if ! debug_execute "${create_user_cmd[@]}" "${create_user_args[@]}"; then - error "Installation failed. User ${APPSMITH_USERNAME} could not be created" - exit 1 - fi - info "User created successfully" - fi - else - # The migration is done by Appsmith itself, not necessary to run - # any extra script. We just connect to the database - info "Restoring persisted Appsmith $APPSMITH_MODE installation" - restore_persisted_app "appsmith" "$APPSMITH_DATA_TO_PERSIST" - local -r connection_string="$(appsmith_conf_get APPSMITH_MONGODB_URI)" - appsmith_wait_for_mongodb_connection "$connection_string" - fi - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Start Appsmith daemon -# Arguments: -# $1 - Log file to check the startup message -# Returns: -# None -######################### -appsmith_backend_start_bg() { - local -r log_file="${1:-"${APPSMITH_LOG_FILE}"}" - info "Starting Appsmith backend in background" - - is_appsmith_backend_running && return - - # We need to load in the environment the Appsmith configuration file in order - # for the application to work. Using a similar approach as the upstream container. - # We also need to load only those environment variables that are not empty, otherwise - # the Appsmith daemon crashes on startup because of not allowed empty values. - # https://github.com/appsmithorg/appsmith/blob/v1.9.12/deploy/docker/entrypoint.sh#L58-L63 - set -a - . "$APPSMITH_CONF_FILE" - set +a - - appsmith_unset_unused_variables - - cd "${APPSMITH_BASE_DIR}/backend" || exit 1 - local -r cmd=("java") - local -r args=("-Dserver.port=${APPSMITH_API_PORT}" "-Dappsmith.admin.envfile=${APPSMITH_CONF_FILE}" "-Djava.security.egd=file:/dev/./urandom" "-jar" "${APPSMITH_BASE_DIR}/backend/server.jar") - if am_i_root; then - run_as_user "$APPSMITH_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - fi - - echo "$!" >"$APPSMITH_PID_FILE" - - wait_for_log_entry "Please open http://localhost: in your browser to experience Appsmith!" "$log_file" - info "Appsmith started successfully" -} - -######################## -# Unset environment variables that may cause Appsmith to crash during initialization -# https://github.com/appsmithorg/appsmith/blob/v1.9.12/deploy/docker/entrypoint.sh#L83-L109 -# Arguments: -# None -# Returns: -# None -######################### -appsmith_unset_unused_variables() { - info "Unsetting unused environment variables" - if [[ -z "${APPSMITH_MAIL_ENABLED}" ]]; then - unset APPSMITH_MAIL_ENABLED - fi - - if [[ -z "${APPSMITH_OAUTH2_GITHUB_CLIENT_ID}" ]] || [[ -z "${APPSMITH_OAUTH2_GITHUB_CLIENT_SECRET}" ]]; then - unset APPSMITH_OAUTH2_GITHUB_CLIENT_ID - unset APPSMITH_OAUTH2_GITHUB_CLIENT_SECRET - fi - - if [[ -z "${APPSMITH_OAUTH2_GOOGLE_CLIENT_ID}" ]] || [[ -z "${APPSMITH_OAUTH2_GOOGLE_CLIENT_SECRET}" ]]; then - unset APPSMITH_OAUTH2_GOOGLE_CLIENT_ID - unset APPSMITH_OAUTH2_GOOGLE_CLIENT_SECRET - fi - - if [[ -z "${APPSMITH_RECAPTCHA_SITE_KEY}" ]] || [[ -z "${APPSMITH_RECAPTCHA_SECRET_KEY}" ]] || [[ -z "${APPSMITH_RECAPTCHA_ENABLED}" ]]; then - unset APPSMITH_RECAPTCHA_SITE_KEY - unset APPSMITH_RECAPTCHA_SECRET_KEY - unset APPSMITH_RECAPTCHA_ENABLED - fi -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh deleted file mode 100644 index 40f204ea4f7c..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh +++ /dev/null @@ -1,669 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami NGINX library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if NGINX is running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_running() { - local pid - pid="$(get_pid_from_file "$NGINX_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if NGINX is not running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_not_running() { - ! is_nginx_running -} - -######################## -# Stop NGINX -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# None -######################### -nginx_stop() { - ! is_nginx_running && return - debug "Stopping NGINX" - stop_service_using_pid "$NGINX_PID_FILE" -} - -######################## -# Configure NGINX server block port -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Port number -# $2 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure_port() { - local port=${1:?missing port} - local file=${2:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting port number to ${port} in '${file}'" - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_configuration="$(sed -E "s/(listen\s+)[0-9]{1,5}(.*);/\1${port}\2;/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Configure NGINX directives -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Directive to modify -# $2 - Value -# $3 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure() { - local directive=${1:?missing directive} - local value=${2:?missing value} - local file=${3:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting directive '${directive}' to '${value}' in '${file}'" - nginx_configuration="$(sed -E "s/(\s*${directive}\s+)(.+);/\1${value};/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Validate settings in NGINX_* env vars -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_validate() { - info "Validating settings in NGINX_* env vars" - local error_code=0 - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local validate_port_args=() - local err - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err="$(validate_port "${validate_port_args[@]}" "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - ! is_empty_value "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && check_yes_no_value "NGINX_ENABLE_ABSOLUTE_REDIRECT" - ! is_empty_value "$NGINX_ENABLE_PORT_IN_REDIRECT" && check_yes_no_value "NGINX_ENABLE_PORT_IN_REDIRECT" - - ! is_empty_value "$NGINX_HTTP_PORT_NUMBER" && check_valid_port "NGINX_HTTP_PORT_NUMBER" - ! is_empty_value "$NGINX_HTTPS_PORT_NUMBER" && check_valid_port "NGINX_HTTPS_PORT_NUMBER" - - if ! is_file_writable "$NGINX_CONF_FILE"; then - warn "The NGINX configuration file '${NGINX_CONF_FILE}' is not writable by current user. Configurations based on environment variables will not be applied." - fi - return "$error_code" -} - -######################## -# Initialize NGINX -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_initialize() { - info "Initializing NGINX" - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "${NGINX_TMP_DIR}/nginx.pid" - - # Persisted configuration files from old versions - if [[ -f "$NGINX_VOLUME_DIR/conf/nginx.conf" ]]; then - error "A 'nginx.conf' file was found inside '${NGINX_VOLUME_DIR}/conf'. This configuration is not supported anymore. Please mount the configuration file at '${NGINX_CONF_FILE}' instead." - exit 1 - fi - if ! is_dir_empty "$NGINX_VOLUME_DIR/conf/vhosts"; then - error "Custom server blocks files were found inside '$NGINX_VOLUME_DIR/conf/vhosts'. This configuration is not supported anymore. Please mount your custom server blocks config files at '${NGINX_SERVER_BLOCKS_DIR}' instead." - exit 1 - fi - - debug "Updating NGINX configuration based on environment variables" - local nginx_user_configuration - if am_i_root; then - debug "Ensuring NGINX daemon user/group exists" - ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - if [[ -n "${NGINX_DAEMON_USER:-}" ]]; then - chown -R "${NGINX_DAEMON_USER:-}" "$NGINX_TMP_DIR" - fi - nginx_configure "user" "${NGINX_DAEMON_USER:-} ${NGINX_DAEMON_GROUP:-}" - else - # The "user" directive makes sense only if the master process runs with super-user privileges - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_user_configuration="$(sed -E "s/(^user)/# \1/g" "$NGINX_CONF_FILE")" - is_file_writable "$NGINX_CONF_FILE" && echo "$nginx_user_configuration" >"$NGINX_CONF_FILE" - fi - # Configure HTTP port number - if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then - nginx_configure_port "$NGINX_HTTP_PORT_NUMBER" - fi - # Configure HTTPS port number - if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]]; then - nginx_configure_port "$NGINX_HTTPS_PORT_NUMBER" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" - fi - nginx_configure "absolute_redirect" "$(is_boolean_yes "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && echo "on" || echo "off" )" - nginx_configure "port_in_redirect" "$(is_boolean_yes "$NGINX_ENABLE_PORT_IN_REDIRECT" && echo "on" || echo "off" )" -} - -######################## -# Ensure an NGINX application configuration exists (in server block format) -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name (if not specified, a catch-all server block will be created) -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's server blocks with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server block with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server block with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --additional-configuration - Additional server block configuration (no default) -# --external-configuration - Configuration external to server block (no default) -# --document-root - Path to document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_app_configuration_exists() { - export app="${1:?missing app}" - # Default options - local type="" - local -a hosts=() - local server_name - local -a server_aliases=() - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - # Template variables defaults - export additional_configuration="" - export external_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - export https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts | \ - --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - --disable | \ - --disable-http | \ - --disable-https) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name?}=yes" - ;; - --type | \ - --server-name | \ - --allow-remote-connections | \ - --http-port | \ - --https-port | \ - --additional-configuration | \ - --external-configuration | \ - --document-root | \ - --extra-directory-configuration) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen=$'\n'"listen ${host}:${http_port};" - https_listen=$'\n'"listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}${https_listen}" - done - else - http_listen_configuration=$'\n'"listen ${http_port} default_server;" - https_listen_configuration=$'\n'"listen ${https_port} ssl default_server;" - fi - # Construct server_name block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="server_name ${server_name}" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=" ${server_aliases[*]}" - fi - server_name_configuration+=";" - else - server_name_configuration=" -# Catch-all server block -# See: https://nginx.org/en/docs/http/server_names.html#miscellaneous_names -server_name _;" - fi - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Indent configurations - server_name_configuration="$(indent $'\n'"$server_name_configuration" 4)" - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - external_configuration=$'\n'"$external_configuration" - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" && "$type" != "php" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_http") && http_server_block+="$disable_suffix" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_https") && https_server_block+="$disable_suffix" - if is_file_writable "$http_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$http_server_block" ]] && touch "$http_server_block" && chmod g+rw "$http_server_block" - render-template "${template_dir}/${template_name}-http-server-block.conf.tpl" | sed '/^\s*$/d' >"$http_server_block" - elif [[ ! -f "$http_server_block" ]]; then - error "Could not create server block for ${app} at '${http_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_server_block" ]] && touch "$https_server_block" && chmod g+rw "$https_server_block" - render-template "${template_dir}/${template_name}-https-server-block.conf.tpl" | sed '/^\s*$/d' >"$https_server_block" - elif [[ ! -f "$https_server_block" ]]; then - error "Could not create server block for ${app} at '${https_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an NGINX application configuration does not exist anymore (in server block format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_nginx_app_configuration_not_exists() { - local app="${1:?missing app}" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_server_block" "$https_server_block" "${http_server_block}${disable_suffix}" "${https_server_block}${disable_suffix}" -} - -######################## -# Ensure NGINX loads the configuration for an application in a URL prefix -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional server block configuration (no default) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_prefix_configuration_exists() { - local app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type | \ - --allow-remote-connections | \ - --additional-configuration | \ - --document-root | \ - --extra-directory-configuration | \ - --prefix) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Prefix configuration - export location="$prefix" - # Indent configurations - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local prefix_file="${NGINX_CONF_DIR}/bitnami/${app}.conf" - if is_file_writable "$prefix_file"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$prefix_file" ]] && touch "$prefix_file" && chmod g+rw "$prefix_file" - render-template "${template_dir}/${template_name}-prefix.conf.tpl" | sed '/^\s*$/d' >"$prefix_file" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure NGINX application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Hosts to enable -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -nginx_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - local http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - local https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name?}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen="listen ${host}:${http_port};" - https_listen="listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}"$'\\\n'"${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}"$'\\\n'"${https_listen}" - done - else - http_listen_configuration="listen ${http_port} default_server;" - https_listen_configuration="listen ${https_port} ssl default_server;" - fi - # Indent configurations - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Update configuration - local -r http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local -r https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - # Helper function to avoid duplicating code - update_common_server_block_config() { - local -r server_block_file="${1:?missing server block}" - # Update server_name - if ! is_empty_value "${server_name:-}"; then - local server_name_list="$server_name" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_list+=" ${server_aliases[*]}" - fi - replace_in_file "$server_block_file" "^(\s*server_name\s+)[^;]*" "\1${server_name_list}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename server block file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_server_block" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$disable_https" && [[ -e "$https_server_block" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - is_boolean_yes "$enable_http" && [[ -e "${http_server_block}${disable_suffix}" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$enable_https" && [[ -e "${https_server_block}${disable_suffix}" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_server_block" ]]; then - if is_file_writable "$http_server_block"; then - update_common_server_block_config "$http_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$http_server_block" "^\s*listen\s.*;" "$http_listen_configuration" - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_server_block" ]]; then - if is_file_writable "$https_server_block"; then - update_common_server_block_config "$https_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$https_server_block" "^\s*listen\s.*\sssl;" "$https_listen_configuration" - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_custom_init_scripts() { - if [[ -n $(find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $NGINX_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - nginx_stop - rm -f "$tmp_file" - else - info "No custom scripts in $NGINX_INITSCRIPTS_DIR" - fi -} - -######################## -# Generate sample TLS certificates without passphrase for sample HTTPS server_block -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_generate_sample_certs() { - local certs_dir="${NGINX_CONF_DIR}/bitnami/certs" - - if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/server.crt" ]]; then - # Check certificates directory exists and is writable - if [[ -d "$certs_dir" && -w "$certs_dir" ]]; then - SSL_KEY_FILE="${certs_dir}/server.key" - SSL_CERT_FILE="${certs_dir}/server.crt" - SSL_CSR_FILE="${certs_dir}/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" - else - warn "The certificates directories '${certs_dir}' does not exist or is not writable, skipping sample HTTPS certificates generation" - fi - fi -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh deleted file mode 100644 index 1d584e7b82c1..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for nginx - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-nginx}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -nginx_env_vars=( - NGINX_HTTP_PORT_NUMBER - NGINX_HTTPS_PORT_NUMBER - NGINX_SKIP_SAMPLE_CERTS - NGINX_ENABLE_ABSOLUTE_REDIRECT - NGINX_ENABLE_PORT_IN_REDIRECT -) -for env_var in "${nginx_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset nginx_env_vars -export WEB_SERVER_TYPE="nginx" - -# Paths -export NGINX_BASE_DIR="${BITNAMI_ROOT_DIR}/nginx" -export NGINX_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/nginx" -export NGINX_SBIN_DIR="${NGINX_BASE_DIR}/sbin" -export NGINX_CONF_DIR="${NGINX_BASE_DIR}/conf" -export NGINX_HTDOCS_DIR="${NGINX_BASE_DIR}/html" -export NGINX_TMP_DIR="${NGINX_BASE_DIR}/tmp" -export NGINX_LOGS_DIR="${NGINX_BASE_DIR}/logs" -export NGINX_SERVER_BLOCKS_DIR="${NGINX_CONF_DIR}/server_blocks" -export NGINX_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export NGINX_CONF_FILE="${NGINX_CONF_DIR}/nginx.conf" -export NGINX_PID_FILE="${NGINX_TMP_DIR}/nginx.pid" -export PATH="${NGINX_SBIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export NGINX_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$NGINX_DAEMON_USER" -export NGINX_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$NGINX_DAEMON_GROUP" -export NGINX_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$NGINX_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export NGINX_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$NGINX_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time - -# NGINX configuration -export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER" -export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER" -export NGINX_SKIP_SAMPLE_CERTS="${NGINX_SKIP_SAMPLE_CERTS:-false}" -export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}" -export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}" - -# Custom environment variables may be defined below diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl deleted file mode 100644 index 4ebeed573889..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{http_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl deleted file mode 100644 index 02acfbb055c6..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{https_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl deleted file mode 100644 index 28bb0393aaa3..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; - include "/opt/bitnami/nginx/conf/bitnami/php-fpm.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index b7d04e1e80f7..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf deleted file mode 100644 index 27284a637c31..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf +++ /dev/null @@ -1,17 +0,0 @@ -# HTTPS Server -server { - # Port to listen on, can also be set in IP:PORT format - listen 443 ssl; - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } -} diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh deleted file mode 100755 index cce4b3e874a3..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then - info "** Starting NGINX setup **" - /opt/bitnami/scripts/nginx/setup.sh - info "** NGINX setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh deleted file mode 100755 index 2ebe0fb36870..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libfs.sh - -# Auxiliar Functions - -######################## -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -# Ref: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-httpoxy-vulnerability -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_patch_httpoxy_vulnerability() { - debug "Unsetting HTTP_PROXY header..." - echo '# Unset the HTTP_PROXY header' >>"${NGINX_CONF_DIR}/fastcgi_params" - echo 'fastcgi_param HTTP_PROXY "";' >>"${NGINX_CONF_DIR}/fastcgi_params" -} - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Remove unnecessary directories that come with the tarball -rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks" - -# Ensure non-root user has write permissions on a set of directories -for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "${NGINX_CONF_DIR}/bitnami/certs" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -nginx_patch_httpoxy_vulnerability - -# Configure default HTTP port -nginx_configure_port "$NGINX_DEFAULT_HTTP_PORT_NUMBER" -# Configure default HTTPS port -nginx_configure_port "$NGINX_DEFAULT_HTTPS_PORT_NUMBER" "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" - -# shellcheck disable=SC1091 - -# Load additional libraries -. /opt/bitnami/scripts/libfs.sh - -# Users can mount their html sites at /app -mv "${NGINX_BASE_DIR}/html" /app -ln -sf /app "${NGINX_BASE_DIR}/html" - -# Users can mount their certificates at /certs -mv "${NGINX_CONF_DIR}/bitnami/certs" /certs -ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs" - -ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log" -ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh deleted file mode 100755 index 1b18ed6d9637..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment -. /opt/bitnami/scripts/nginx-env.sh - -info "** Reloading NGINX configuration **" -exec "${NGINX_SBIN_DIR}/nginx" -s reload diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh deleted file mode 100755 index deaa515bac32..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -/opt/bitnami/scripts/nginx/stop.sh -/opt/bitnami/scripts/nginx/start.sh diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh deleted file mode 100755 index a2f3b57114d0..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -info "** Starting NGINX **" -exec "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" -g "daemon off;" diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh deleted file mode 100755 index 084490b6ac83..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Ensure NGINX environment variables settings are valid -nginx_validate - -# Ensure NGINX is stopped when this script ends -trap "nginx_stop" EXIT - -# Ensure NGINX daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - -# Configure HTTPS sample block using generated SSL certs -nginx_generate_sample_certs - -# Run init scripts -nginx_custom_init_scripts - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" - -# Configure HTTPS port number -if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then - cp "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" -fi - -# Initialize NGINX -nginx_initialize - diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh deleted file mode 100755 index 1dc8e8e746dd..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_not_running; then - "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" - if ! retry_while "is_nginx_running"; then - error "nginx did not start" - error_code=1 - else - info "nginx started" - fi -else - info "nginx is already running" -fi - -exit "$error_code" diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh deleted file mode 100755 index 16b35ef1b0e8..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -if is_nginx_running; then - info "nginx is already running" -else - info "nginx is not running" -fi diff --git a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh b/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh deleted file mode 100755 index bc6f4f3fd8aa..000000000000 --- a/bitnami/appsmith/1/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_running; then - BITNAMI_QUIET=1 nginx_stop - if ! retry_while "is_nginx_not_running"; then - error "nginx could not be stopped" - error_code=1 - else - info "nginx stopped" - fi -else - info "nginx is not running" -fi - -exit "$error_code" diff --git a/bitnami/appsmith/1/debian-11/tags-info.yaml b/bitnami/appsmith/1/debian-11/tags-info.yaml deleted file mode 100644 index be0fa83f374f..000000000000 --- a/bitnami/appsmith/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.13.0 -- latest diff --git a/bitnami/argo-cd/2/debian-11/Dockerfile b/bitnami/argo-cd/2/debian-11/Dockerfile deleted file mode 100644 index 09ce84e8f373..000000000000 --- a/bitnami/argo-cd/2/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T14:56:48Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r18" \ - org.opencontainers.image.title="argo-cd" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git git-lfs gnupg openssh-client procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "argo-cd-2.10.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/argo-cd/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="argo-cd" \ - PATH="/opt/bitnami/argo-cd/bin:/opt/bitnami/argo-cd/hack:/opt/bitnami/helm/bin:/opt/bitnami/ksonnet/bin:/opt/bitnami/kustomize/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/argo-cd/entrypoint.sh" ] -CMD [ "argocd", "--help" ] diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 81b700d6f871..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "argo-cd": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-1" - } -} \ No newline at end of file diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/argo-cd/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_group b/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_group deleted file mode 100644 index 4dc90fb7651d..000000000000 --- a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_group +++ /dev/null @@ -1 +0,0 @@ -argocd:x:0: \ No newline at end of file diff --git a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_passwd b/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_passwd deleted file mode 100644 index 3ce33ff85bc7..000000000000 --- a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/argo-cd/nss-wrapper/nss_passwd +++ /dev/null @@ -1 +0,0 @@ -argocd:x:1001:0:ArgoCD:/opt/bitnami/argo-cd:/bin/false \ No newline at end of file diff --git a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/entrypoint.sh b/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/entrypoint.sh deleted file mode 100755 index fad097777a9e..000000000000 --- a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/entrypoint.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Set nss_wrapper vars only when running as non-root -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="argocd" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if ! user_exists "$(id -u)" && [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - if [[ "$HOME" == "/" ]]; then - export HOME=/opt/bitnami/argo-cd - fi - echo "argocd:x:$(id -u):$(id -g):ArgoCD:${HOME}:/bin/false" > "$NSS_WRAPPER_PASSWD" - echo "argocd:x:$(id -g):" > "$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -echo "" -exec "$@" diff --git a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/postunpack.sh b/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/postunpack.sh deleted file mode 100755 index 39074d51d365..000000000000 --- a/bitnami/argo-cd/2/debian-11/rootfs/opt/bitnami/scripts/argo-cd/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Argo CD repo server requires the directory /app/config/gpg/source to exist -for dir in "/app/config/gpg/keys" "/app/config/gpg/source" "/bitnami/argocd" "/.argocd"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -g "root" -done - diff --git a/bitnami/argo-cd/2/debian-11/tags-info.yaml b/bitnami/argo-cd/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/argo-cd/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/argo-workflow-cli/3/debian-11/Dockerfile b/bitnami/argo-workflow-cli/3/debian-11/Dockerfile deleted file mode 100644 index 6c78df676125..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "argo-workflows-3.5.4-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -###### - -FROM scratch - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-19T21:34:37Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.4-debian-11-r5" \ - org.opencontainers.image.title="argo-workflow-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.4" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /opt/bitnami/argo-workflows/hack/nsswitch.conf /etc/nsswitch.conf -COPY --from=builder /opt/bitnami/argo-workflows/bin/argo /argo -COPY --from=builder /opt/bitnami/argo-workflows/hack/ssh_known_hosts /etc/ssh/ssh_known_hosts - -ENV APP_VERSION="3.5.4" \ - BITNAMI_APP_NAME="argo-workflow-cli" - -USER 1001 - -ENTRYPOINT [ "/argo" ] diff --git a/bitnami/argo-workflow-cli/3/debian-11/docker-compose.yml b/bitnami/argo-workflow-cli/3/debian-11/docker-compose.yml deleted file mode 100644 index cf0182da49ca..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/docker-compose.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - argo-workflows: - image: docker.io/bitnami/argo-workflow-cli:3 - entrypoint: tail -f /dev/null diff --git a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2e20bbffc4f6..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "argo-workflows": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.4-3" - } -} \ No newline at end of file diff --git a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/argo-workflow-cli/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/argo-workflow-cli/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/argo-workflow-cli/3/debian-11/tags-info.yaml b/bitnami/argo-workflow-cli/3/debian-11/tags-info.yaml deleted file mode 100644 index 626ef4510f57..000000000000 --- a/bitnami/argo-workflow-cli/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.5.4 -- latest diff --git a/bitnami/argo-workflow-controller/3/debian-11/Dockerfile b/bitnami/argo-workflow-controller/3/debian-11/Dockerfile deleted file mode 100644 index 4bbfff4a0c9e..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl tzdata -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "argo-workflow-controller-3.5.4-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -###### - -FROM scratch - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-19T21:20:27Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.4-debian-11-r5" \ - org.opencontainers.image.title="argo-workflow-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.4" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /opt/bitnami/../../usr/share/zoneinfo /usr/share/zoneinfo -COPY --from=builder /opt/bitnami/argo-workflow-controller/bin/workflow-controller /workflow-controller - -ENV APP_VERSION="3.5.4" \ - BITNAMI_APP_NAME="argo-workflow-controller" - -USER 1001 - -ENTRYPOINT [ "/workflow-controller" ] diff --git a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d20c5950bddc..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "argo-workflow-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.4-3" - } -} \ No newline at end of file diff --git a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/argo-workflow-controller/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/argo-workflow-controller/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/argo-workflow-controller/3/debian-11/tags-info.yaml b/bitnami/argo-workflow-controller/3/debian-11/tags-info.yaml deleted file mode 100644 index 626ef4510f57..000000000000 --- a/bitnami/argo-workflow-controller/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.5.4 -- latest diff --git a/bitnami/argo-workflow-exec/3/debian-11/Dockerfile b/bitnami/argo-workflow-exec/3/debian-11/Dockerfile deleted file mode 100644 index 0282ce93f235..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:29:49Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.4-debian-11-r23" \ - org.opencontainers.image.title="argo-workflow-exec" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.4" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubectl-1.26.14-0-linux-${OS_ARCH}-debian-11" \ - "argo-workflow-exec-3.5.4-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/argo-workflow-exec/postunpack.sh -ENV APP_VERSION="3.5.4" \ - BITNAMI_APP_NAME="argo-workflow-exec" \ - PATH="/opt/bitnami/kubectl/bin:/opt/bitnami/argo-workflow-exec/bin:/opt/bitnami/argo-workflow-exec/hack:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/argo-workflow-exec/bin/argoexec" ] -CMD [ "help" ] diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2a0362a9ff13..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "argo-workflow-exec": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.4-3" - }, - "kubectl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.26.14-0" - } -} \ No newline at end of file diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/argo-workflow-exec/3/debian-11/rootfs/opt/bitnami/scripts/argo-workflow-exec/postunpack.sh b/bitnami/argo-workflow-exec/3/debian-11/rootfs/opt/bitnami/scripts/argo-workflow-exec/postunpack.sh deleted file mode 100755 index 094d12ce69a9..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/rootfs/opt/bitnami/scripts/argo-workflow-exec/postunpack.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Apply hacks -# Ref: https://github.com/argoproj/argo-workflows/blob/9936cf680d56b88ea9c16411500924724fb2f06d/Dockerfile#L63 -ensure_dir_exists /etc/ssh/ -mv /opt/bitnami/argo-workflow-exec/hack/ssh_known_hosts /etc/ssh/ -mv /opt/bitnami/argo-workflow-exec/hack/nsswitch.conf /etc/ diff --git a/bitnami/argo-workflow-exec/3/debian-11/tags-info.yaml b/bitnami/argo-workflow-exec/3/debian-11/tags-info.yaml deleted file mode 100644 index 626ef4510f57..000000000000 --- a/bitnami/argo-workflow-exec/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.5.4 -- latest diff --git a/bitnami/aspnet-core/6/debian-11/Dockerfile b/bitnami/aspnet-core/6/debian-11/Dockerfile deleted file mode 100644 index 799c50e2d66a..000000000000 --- a/bitnami/aspnet-core/6/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:35:52Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="6.0.27-debian-11-r9" \ - org.opencontainers.image.title="aspnet-core" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="6.0.27" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "aspnet-core-6.0.27-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/aspnet-core/postunpack.sh -ENV APP_VERSION="6.0.27" \ - BITNAMI_APP_NAME="aspnet-core" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/aspnet-core/bin" \ - PATH="/opt/bitnami/aspnet-core/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/aspnet-core/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/aspnet-core/6/debian-11/docker-compose.yml b/bitnami/aspnet-core/6/debian-11/docker-compose.yml deleted file mode 100644 index 9b0ca47e5090..000000000000 --- a/bitnami/aspnet-core/6/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - aspnet-core: - image: docker.io/bitnami/aspnet-core:6 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - aspnet-core_data:/app -volumes: - aspnet-core_data: - driver: local diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4ab8c59a3011..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "aspnet-core": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "6.0.27-1" - } -} \ No newline at end of file diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/aspnet-core/6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh b/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh b/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh deleted file mode 100755 index dd8e0a30de13..000000000000 --- a/bitnami/aspnet-core/6/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/aspnet-core/bin/dotnet diff --git a/bitnami/aspnet-core/6/debian-11/tags-info.yaml b/bitnami/aspnet-core/6/debian-11/tags-info.yaml deleted file mode 100644 index 64054a812ce0..000000000000 --- a/bitnami/aspnet-core/6/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "6" -- 6-debian-11 -- 6.0.27 diff --git a/bitnami/aspnet-core/7/debian-11/Dockerfile b/bitnami/aspnet-core/7/debian-11/Dockerfile deleted file mode 100644 index ce9a8a6f6208..000000000000 --- a/bitnami/aspnet-core/7/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:41:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.0.16-debian-11-r10" \ - org.opencontainers.image.title="aspnet-core" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.0.16" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "aspnet-core-7.0.16-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/aspnet-core/postunpack.sh -ENV APP_VERSION="7.0.16" \ - BITNAMI_APP_NAME="aspnet-core" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/aspnet-core/bin" \ - PATH="/opt/bitnami/aspnet-core/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/aspnet-core/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/aspnet-core/7/debian-11/docker-compose.yml b/bitnami/aspnet-core/7/debian-11/docker-compose.yml deleted file mode 100644 index 3a7388bf0bfd..000000000000 --- a/bitnami/aspnet-core/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - aspnet-core: - image: docker.io/bitnami/aspnet-core:7 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - aspnet-core_data:/app -volumes: - aspnet-core_data: - driver: local diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a4750987e1c6..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "aspnet-core": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.0.16-1" - } -} \ No newline at end of file diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/aspnet-core/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh b/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh b/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh deleted file mode 100755 index dd8e0a30de13..000000000000 --- a/bitnami/aspnet-core/7/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/aspnet-core/bin/dotnet diff --git a/bitnami/aspnet-core/7/debian-11/tags-info.yaml b/bitnami/aspnet-core/7/debian-11/tags-info.yaml deleted file mode 100644 index 141bd8bf93b8..000000000000 --- a/bitnami/aspnet-core/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.0.16 diff --git a/bitnami/aspnet-core/8/debian-11/Dockerfile b/bitnami/aspnet-core/8/debian-11/Dockerfile deleted file mode 100644 index 2e5067ad355b..000000000000 --- a/bitnami/aspnet-core/8/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:44:59Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.0.2-debian-11-r10" \ - org.opencontainers.image.title="aspnet-core" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.0.2" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "aspnet-core-8.0.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/aspnet-core/postunpack.sh -ENV APP_VERSION="8.0.2" \ - BITNAMI_APP_NAME="aspnet-core" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/aspnet-core/bin" \ - PATH="/opt/bitnami/aspnet-core/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/aspnet-core/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/aspnet-core/8/debian-11/docker-compose.yml b/bitnami/aspnet-core/8/debian-11/docker-compose.yml deleted file mode 100644 index 2e1d93a7e216..000000000000 --- a/bitnami/aspnet-core/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - aspnet-core: - image: docker.io/bitnami/aspnet-core:8 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - aspnet-core_data:/app -volumes: - aspnet-core_data: - driver: local diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 45f61a3a0c9e..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "aspnet-core": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.0.2-1" - } -} \ No newline at end of file diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/aspnet-core/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh b/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh b/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh deleted file mode 100755 index dd8e0a30de13..000000000000 --- a/bitnami/aspnet-core/8/debian-11/rootfs/opt/bitnami/scripts/aspnet-core/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/aspnet-core/bin/dotnet diff --git a/bitnami/aspnet-core/8/debian-11/tags-info.yaml b/bitnami/aspnet-core/8/debian-11/tags-info.yaml deleted file mode 100644 index f27c6c60800d..000000000000 --- a/bitnami/aspnet-core/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.0.2 -- latest diff --git a/bitnami/attu/2/debian-11/Dockerfile b/bitnami/attu/2/debian-11/Dockerfile deleted file mode 100644 index 8b0db30fe0d1..000000000000 --- a/bitnami/attu/2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:48:05Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.8-debian-11-r19" \ - org.opencontainers.image.title="attu" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.8" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "attu-2.3.8-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root attu -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/attu /app && mkdir -p /.cache/yarn && chmod g+rwX /.cache/yarn && mkdir -p /.yarn && chmod g+rwX /.yarn && mkdir /.npm && chmod g+rwX /.npm - -ENV APP_VERSION="2.3.8" \ - BITNAMI_APP_NAME="attu" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/node/bin:$PATH" - -EXPOSE 3000 - -WORKDIR /opt/bitnami/attu -USER 1001 -ENTRYPOINT [ "/opt/bitnami/node/bin/yarn" ] -CMD [ "start:prod" ] diff --git a/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b8c397391e00..000000000000 --- a/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "attu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.8-1" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/attu/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/attu/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/attu/2/debian-11/tags-info.yaml b/bitnami/attu/2/debian-11/tags-info.yaml deleted file mode 100644 index e353867cdf2d..000000000000 --- a/bitnami/attu/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.8 -- latest diff --git a/bitnami/aws-cli/1/debian-11/Dockerfile b/bitnami/aws-cli/1/debian-11/Dockerfile deleted file mode 100644 index ee59be5b52e5..000000000000 --- a/bitnami/aws-cli/1/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T21:58:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.32.40-debian-11-r12" \ - org.opencontainers.image.title="aws-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.32.40" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl groff-base libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "aws-cli-1.32.40-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.32.40" \ - AWS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" \ - BITNAMI_APP_NAME="aws-cli" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/aws-cli/bin:/opt/bitnami/aws-cli/venv/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "aws" ] -CMD [ "--help" ] diff --git a/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 80291ba88ed4..000000000000 --- a/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "aws-cli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.32.40-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/aws-cli/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/aws-cli/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/aws-cli/1/debian-11/tags-info.yaml b/bitnami/aws-cli/1/debian-11/tags-info.yaml deleted file mode 100644 index dd93b452e8f9..000000000000 --- a/bitnami/aws-cli/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.32.40 diff --git a/bitnami/aws-cli/2/debian-11/Dockerfile b/bitnami/aws-cli/2/debian-11/Dockerfile deleted file mode 100644 index 8b06f7eefdba..000000000000 --- a/bitnami/aws-cli/2/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T09:23:44Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.15.20-debian-11-r5" \ - org.opencontainers.image.title="aws-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.15.20" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl groff-base libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "aws-cli-2.15.20-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.15.20" \ - AWS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" \ - BITNAMI_APP_NAME="aws-cli" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/aws-cli/bin:/opt/bitnami/aws-cli/venv/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "aws" ] -CMD [ "--help" ] diff --git a/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 08e1fa164ceb..000000000000 --- a/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "aws-cli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.15.20-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/aws-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/aws-cli/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/aws-cli/2/debian-11/tags-info.yaml b/bitnami/aws-cli/2/debian-11/tags-info.yaml deleted file mode 100644 index 81e27d9a6bd9..000000000000 --- a/bitnami/aws-cli/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.15.20 -- latest diff --git a/bitnami/azure-cli/2/debian-11/Dockerfile b/bitnami/azure-cli/2/debian-11/Dockerfile deleted file mode 100644 index 11ce6f6531a5..000000000000 --- a/bitnami/azure-cli/2/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:06:53Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.57.0-debian-11-r19" \ - org.opencontainers.image.title="azure-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.57.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "azure-cli-2.57.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /.azure /.azcopy && chmod g+rwX /.azure /.azcopy /bin - -ENV APP_VERSION="2.57.0" \ - BITNAMI_APP_NAME="azure-cli" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/azure-cli/bin:/opt/bitnami/azure-cli/venv/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "az" ] -CMD [ "help" ] diff --git a/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a31c92b8bc2a..000000000000 --- a/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "azure-cli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.57.0-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/azure-cli/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/azure-cli/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/azure-cli/2/debian-11/tags-info.yaml b/bitnami/azure-cli/2/debian-11/tags-info.yaml deleted file mode 100644 index 3959f5f0248a..000000000000 --- a/bitnami/azure-cli/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.57.0 -- latest diff --git a/bitnami/blackbox-exporter/0/debian-11/Dockerfile b/bitnami/blackbox-exporter/0/debian-11/Dockerfile deleted file mode 100644 index 263b0e733131..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:11:45Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.24.0-debian-11-r168" \ - org.opencontainers.image.title="blackbox-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.24.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "blackbox-exporter-0.24.0-14-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.24.0" \ - BITNAMI_APP_NAME="blackbox-exporter" \ - PATH="/opt/bitnami/blackbox-exporter/bin:$PATH" - -EXPOSE 9115 - -WORKDIR /opt/bitnami/blackbox-exporter -USER 1001 -ENTRYPOINT [ "/opt/bitnami/blackbox-exporter/bin/blackbox_exporter" ] diff --git a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2e1f1beb7975..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "blackbox-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.24.0-14" - } -} \ No newline at end of file diff --git a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/blackbox-exporter/0/debian-11/tags-info.yaml b/bitnami/blackbox-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index f5cd149084f4..000000000000 --- a/bitnami/blackbox-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.24.0 -- latest diff --git a/bitnami/cainjector/1/debian-11/Dockerfile b/bitnami/cainjector/1/debian-11/Dockerfile deleted file mode 100644 index 31a209afa207..000000000000 --- a/bitnami/cainjector/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:18:08Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.14.2-debian-11-r19" \ - org.opencontainers.image.title="cainjector" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.14.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "cainjector-1.14.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.14.2" \ - BITNAMI_APP_NAME="cainjector" \ - PATH="/opt/bitnami/cainjector/bin:$PATH" - -WORKDIR /opt/bitnami/cainjector -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cainjector/bin/cainjector" ] diff --git a/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ec346b4851e3..000000000000 --- a/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cainjector": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.14.2-1" - } -} \ No newline at end of file diff --git a/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cainjector/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cainjector/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cainjector/1/debian-11/tags-info.yaml b/bitnami/cainjector/1/debian-11/tags-info.yaml deleted file mode 100644 index 0df37b435b01..000000000000 --- a/bitnami/cainjector/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.14.2 -- latest diff --git a/bitnami/cassandra-exporter/2/debian-11/Dockerfile b/bitnami/cassandra-exporter/2/debian-11/Dockerfile deleted file mode 100644 index a24209a39d57..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:24:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.8-debian-11-r456" \ - org.opencontainers.image.title="cassandra-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.8" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "cassandra-exporter-2.3.8-166-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.3.8" \ - BITNAMI_APP_NAME="cassandra-exporter" \ - PATH="/opt/bitnami/java/bin:$PATH" - -EXPOSE 8080 - -WORKDIR /opt/bitnami/cassandra-exporter -USER 1001 -ENTRYPOINT [ "java", "-jar", "./cassandra_exporter.jar", "./config.yml" ] diff --git a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 741436bb2e00..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "cassandra-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.8-166" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - } -} \ No newline at end of file diff --git a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cassandra-exporter/2/debian-11/tags-info.yaml b/bitnami/cassandra-exporter/2/debian-11/tags-info.yaml deleted file mode 100644 index e353867cdf2d..000000000000 --- a/bitnami/cassandra-exporter/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.8 -- latest diff --git a/bitnami/cassandra/4.0/debian-11/Dockerfile b/bitnami/cassandra/4.0/debian-11/Dockerfile deleted file mode 100644 index 1e1043575176..000000000000 --- a/bitnami/cassandra/4.0/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:27:53Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.0.12-debian-11-r21" \ - org.opencontainers.image.title="cassandra" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.0.12" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgssapi-krb5-2 libjemalloc2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "java-11.0.22-12-1-linux-${OS_ARCH}-debian-11" \ - "cassandra-4.0.12-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN ln -s /opt/bitnami/scripts/cassandra/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/cassandra/run.sh /run.sh -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/cassandra/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="4.0.12" \ - BITNAMI_APP_NAME="cassandra" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/java/bin:/opt/bitnami/cassandra/bin:$PATH" - -EXPOSE 7000 9042 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/cassandra/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/cassandra/run.sh" ] diff --git a/bitnami/cassandra/4.0/debian-11/docker-compose.yml b/bitnami/cassandra/4.0/debian-11/docker-compose.yml deleted file mode 100644 index 3de515c9e310..000000000000 --- a/bitnami/cassandra/4.0/debian-11/docker-compose.yml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - cassandra: - image: docker.io/bitnami/cassandra:4.0 - ports: - - '7000:7000' - - '9042:9042' - volumes: - - 'cassandra_data:/bitnami' - environment: - - CASSANDRA_SEEDS=cassandra - - CASSANDRA_PASSWORD_SEEDER=yes - - CASSANDRA_PASSWORD=cassandra -volumes: - cassandra_data: - driver: local diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index fddf996ab169..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "cassandra": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.0.12-2" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cassandra/4.0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh deleted file mode 100644 index c9dc3792ac12..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh +++ /dev/null @@ -1,176 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for cassandra - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-cassandra}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -cassandra_env_vars=( - CASSANDRA_VOLUME_DIR - CASSANDRA_DATA_DIR - CASSANDRA_COMMITLOG_DIR - CASSANDRA_MOUNTED_CONF_DIR - CASSANDRA_CLIENT_ENCRYPTION - CASSANDRA_CLUSTER_NAME - CASSANDRA_DATACENTER - CASSANDRA_ENABLE_REMOTE_CONNECTIONS - CASSANDRA_ENABLE_RPC - CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS - CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS - CASSANDRA_ENDPOINT_SNITCH - CASSANDRA_HOST - CASSANDRA_INTERNODE_ENCRYPTION - CASSANDRA_NUM_TOKENS - CASSANDRA_PASSWORD_SEEDER - CASSANDRA_SEEDS - CASSANDRA_PEERS - CASSANDRA_PEERS - CASSANDRA_NODES - CASSANDRA_RACK - CASSANDRA_BROADCAST_ADDRESS - CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE - CASSANDRA_STARTUP_CQL - CASSANDRA_IGNORE_INITDB_SCRIPTS - CASSANDRA_CQL_PORT_NUMBER - CASSANDRA_JMX_PORT_NUMBER - CASSANDRA_TRANSPORT_PORT_NUMBER - CASSANDRA_CQL_MAX_RETRIES - CASSANDRA_CQL_SLEEP_TIME - CASSANDRA_INIT_MAX_RETRIES - CASSANDRA_INIT_SLEEP_TIME - CASSANDRA_PEER_CQL_MAX_RETRIES - CASSANDRA_PEER_CQL_SLEEP_TIME - CASSANDRA_DELAY_START_TIME - CASSANDRA_AUTO_SNAPSHOT_TTL - ALLOW_EMPTY_PASSWORD - CASSANDRA_AUTHORIZER - CASSANDRA_AUTHENTICATOR - CASSANDRA_USER - CASSANDRA_PASSWORD - CASSANDRA_KEYSTORE_PASSWORD - CASSANDRA_TRUSTSTORE_PASSWORD - CASSANDRA_KEYSTORE_LOCATION - CASSANDRA_TRUSTSTORE_LOCATION - CASSANDRA_SSL_VALIDATE - SSL_VERSION -) -for env_var in "${cassandra_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset cassandra_env_vars - -# Paths -export CASSANDRA_BASE_DIR="${BITNAMI_ROOT_DIR}/cassandra" -export CASSANDRA_BIN_DIR="${CASSANDRA_BASE_DIR}/bin" -export CASSANDRA_CONF_DIR="${CASSANDRA_BASE_DIR}/conf" -export CASSANDRA_VOLUME_DIR="${CASSANDRA_VOLUME_DIR:-/bitnami/cassandra}" -export CASSANDRA_DATA_DIR="${CASSANDRA_DATA_DIR:-${CASSANDRA_VOLUME_DIR}/data}" -export CASSANDRA_COMMITLOG_DIR="${CASSANDRA_COMMITLOG_DIR:-${CASSANDRA_DATA_DIR}/commitlog}" -export CASSANDRA_DEFAULT_CONF_DIR="${CASSANDRA_BASE_DIR}/conf.default" -export CASSANDRA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export CASSANDRA_LOG_DIR="${CASSANDRA_BASE_DIR}/logs" -export CASSANDRA_MOUNTED_CONF_DIR="${CASSANDRA_MOUNTED_CONF_DIR:-${CASSANDRA_VOLUME_DIR}/conf}" -export CASSANDRA_TMP_DIR="${CASSANDRA_BASE_DIR}/tmp" -export JAVA_BASE_DIR="${BITNAMI_ROOT_DIR}/java" -export JAVA_BIN_DIR="${JAVA_BASE_DIR}/bin" -export PYTHON_BASE_DIR="${BITNAMI_ROOT_DIR}/python" -export PYTHON_BIN_DIR="${PYTHON_BASE_DIR}/bin" -export CASSANDRA_CONF_FILE="${CASSANDRA_CONF_DIR}/cassandra.yaml" -export CASSANDRA_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra.log" -export CASSANDRA_FIRST_BOOT_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra_first_boot.log" -export CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra_init_scripts_boot.log" -export CASSANDRA_PID_FILE="${CASSANDRA_TMP_DIR}/cassandra.pid" -export PATH="${CASSANDRA_BIN_DIR}:${JAVA_BIN_DIR}:${PYTHON_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export CASSANDRA_DAEMON_USER="cassandra" -export CASSANDRA_DAEMON_GROUP="cassandra" - -# Cassandra cluster serttings -export CASSANDRA_CLIENT_ENCRYPTION="${CASSANDRA_CLIENT_ENCRYPTION:-false}" -export CASSANDRA_CLUSTER_NAME="${CASSANDRA_CLUSTER_NAME:-My Cluster}" -export CASSANDRA_DATACENTER="${CASSANDRA_DATACENTER:-dc1}" -export CASSANDRA_ENABLE_REMOTE_CONNECTIONS="${CASSANDRA_ENABLE_REMOTE_CONNECTIONS:-true}" -export CASSANDRA_ENABLE_RPC="${CASSANDRA_ENABLE_RPC:-true}" -export CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS="${CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS:-false}" -export CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS="${CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS:-false}" -export CASSANDRA_ENDPOINT_SNITCH="${CASSANDRA_ENDPOINT_SNITCH:-SimpleSnitch}" -export CASSANDRA_HOST="${CASSANDRA_HOST:-}" -export CASSANDRA_INTERNODE_ENCRYPTION="${CASSANDRA_INTERNODE_ENCRYPTION:-none}" -export CASSANDRA_NUM_TOKENS="${CASSANDRA_NUM_TOKENS:-256}" -export CASSANDRA_PASSWORD_SEEDER="${CASSANDRA_PASSWORD_SEEDER:-no}" -export CASSANDRA_SEEDS="${CASSANDRA_SEEDS:-$CASSANDRA_HOST}" -export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" -export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" -export CASSANDRA_NODES="${CASSANDRA_NODES:-}" -export CASSANDRA_RACK="${CASSANDRA_RACK:-rack1}" -export CASSANDRA_BROADCAST_ADDRESS="${CASSANDRA_BROADCAST_ADDRESS:-}" -export CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE="${CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE:-false}" - -# Database initialization settings -export CASSANDRA_STARTUP_CQL="${CASSANDRA_STARTUP_CQL:-}" -export CASSANDRA_IGNORE_INITDB_SCRIPTS="${CASSANDRA_IGNORE_INITDB_SCRIPTS:-no}" - -# Port configuration -export CASSANDRA_CQL_PORT_NUMBER="${CASSANDRA_CQL_PORT_NUMBER:-9042}" -export CASSANDRA_JMX_PORT_NUMBER="${CASSANDRA_JMX_PORT_NUMBER:-7199}" -export CASSANDRA_TRANSPORT_PORT_NUMBER="${CASSANDRA_TRANSPORT_PORT_NUMBER:-7000}" - -# Retries and sleep time configuration -export CASSANDRA_CQL_MAX_RETRIES="${CASSANDRA_CQL_MAX_RETRIES:-20}" -export CASSANDRA_CQL_SLEEP_TIME="${CASSANDRA_CQL_SLEEP_TIME:-5}" -export CASSANDRA_INIT_MAX_RETRIES="${CASSANDRA_INIT_MAX_RETRIES:-100}" -export CASSANDRA_INIT_SLEEP_TIME="${CASSANDRA_INIT_SLEEP_TIME:-5}" -export CASSANDRA_PEER_CQL_MAX_RETRIES="${CASSANDRA_PEER_CQL_MAX_RETRIES:-100}" -export CASSANDRA_PEER_CQL_SLEEP_TIME="${CASSANDRA_PEER_CQL_SLEEP_TIME:-10}" -export CASSANDRA_DELAY_START_TIME="${CASSANDRA_DELAY_START_TIME:-0}" - -# Snapshot settings -export CASSANDRA_AUTO_SNAPSHOT_TTL="${CASSANDRA_AUTO_SNAPSHOT_TTL:-30d}" - -# Authentication, Authorization and Credentials -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export CASSANDRA_AUTHORIZER="${CASSANDRA_AUTHORIZER:-CassandraAuthorizer}" -export CASSANDRA_AUTHENTICATOR="${CASSANDRA_AUTHENTICATOR:-PasswordAuthenticator}" -export CASSANDRA_USER="${CASSANDRA_USER:-cassandra}" -export CASSANDRA_PASSWORD="${CASSANDRA_PASSWORD:-}" -export CASSANDRA_KEYSTORE_PASSWORD="${CASSANDRA_KEYSTORE_PASSWORD:-cassandra}" -export CASSANDRA_TRUSTSTORE_PASSWORD="${CASSANDRA_TRUSTSTORE_PASSWORD:-cassandra}" -export CASSANDRA_KEYSTORE_LOCATION="${CASSANDRA_KEYSTORE_LOCATION:-${CASSANDRA_VOLUME_DIR}/secrets/keystore}" -export CASSANDRA_TRUSTSTORE_LOCATION="${CASSANDRA_TRUSTSTORE_LOCATION:-${CASSANDRA_VOLUME_DIR}/secrets/truststore}" -export CASSANDRA_TMP_P12_FILE="${CASSANDRA_TMP_DIR}/keystore.p12" -export CASSANDRA_SSL_CERT_FILE="${CASSANDRA_VOLUME_DIR}/client.cer.pem" -export SSL_CERTFILE="$CASSANDRA_SSL_CERT_FILE" -export CASSANDRA_SSL_VALIDATE="${CASSANDRA_SSL_VALIDATE:-false}" -export SSL_VALIDATE="$CASSANDRA_SSL_VALIDATE" - -# cqlsh settings -export SSL_VERSION="${SSL_VERSION:-TLSv1_2}" - -# Custom environment variables may be defined below diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh deleted file mode 100755 index 8904b32f82a6..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -print_welcome_page - -if is_positive_int "$CASSANDRA_DELAY_START_TIME" && [[ "$CASSANDRA_DELAY_START_TIME" -gt 0 ]]; then - info "** Delaying Cassandra start by ${CASSANDRA_DELAY_START_TIME} seconds **" - sleep "$CASSANDRA_DELAY_START_TIME" -fi - -if [[ "$*" = *"/opt/bitnami/scripts/cassandra/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Cassandra setup **" - /opt/bitnami/scripts/cassandra/setup.sh - info "** Cassandra setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh deleted file mode 100755 index e4287dd36b70..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -for dir in "$CASSANDRA_INITSCRIPTS_DIR" "$CASSANDRA_TMP_DIR" "$CASSANDRA_CONF_DIR" "$CASSANDRA_LOG_DIR" "$CASSANDRA_MOUNTED_CONF_DIR" "$CASSANDRA_VOLUME_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create wrapper for cqlsh -cat <"${CASSANDRA_BIN_DIR}/cqlsh" -#!/bin/sh -exec "${PYTHON_BIN_DIR}/python" "${CASSANDRA_BIN_DIR}/cqlsh.py" "\$@" -EOF - -chmod +x "${CASSANDRA_BIN_DIR}/cqlsh" - -ensure_dir_exists "${HOME}/.cassandra" -chmod -R g+rwX "${HOME}/.cassandra" diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh deleted file mode 100755 index c09caa5602ed..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libcassandra.sh -. /opt/bitnami/scripts/libos.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -# As we cannot use "local" we will use "readonly" for read-only variables. -# The scope of "readonly" is global, so we attach "__run_" to avoid conflicts -# with other variables in libcassandra.sh - -info "** Starting Cassandra **" - -# During the startup logic, we bootstap Cassandra. This is because Cassandra seeder nodes -# need to be able to connect to each other, and after that authentication can be configured. -# However, some applications may detect at this point that the database is ready. -# While in other bitnami containers we would stop the database and run it in foreground, -# we prefer keeping it running in this case. -# So, in this run.sh script, we first check if Cassandra was already running in -# one of the two cases: -# -# 1) Initial cluster initialization -# 2) Init scripts -# -# If none of the two cases apply, we assume it is an error and exit -if is_cassandra_running; then - __run_pid="$(get_pid_from_file "$CASSANDRA_PID_FILE")" - running_log_file="" - - if [[ -f "$CASSANDRA_FIRST_BOOT_LOG_FILE" ]]; then - running_log_file="$CASSANDRA_FIRST_BOOT_LOG_FILE" - info "Cassandra already running with PID $__run_pid because of the initial cluster setup" - elif [[ -f "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" ]]; then - running_log_file="$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - info "Cassandra already running PID $__run_pid because of the init scripts execution" - else - error "Cassandra is already running for an unexpected reason. Exiting" - exit 1 - fi - - info "Tailing $running_log_file" - __run_tail_cmd="$(which tail)" - readonly __run_tail_flags=("--pid=${__run_pid}" "-n" "1000" "-f" "$running_log_file") - - if am_i_root; then - exec_as_user "$CASSANDRA_DAEMON_USER" "${__run_tail_cmd}" "${__run_tail_flags[@]}" - else - exec "${__run_tail_cmd}" "${__run_tail_flags[@]}" - fi -else - readonly __run_cmd="${CASSANDRA_BIN_DIR}/cassandra" - readonly __run_flags=("-p $CASSANDRA_PID_FILE" "-R" "-f") - if am_i_root; then - exec_as_user "$CASSANDRA_DAEMON_USER" "${__run_cmd}" "${__run_flags[@]}" - else - exec "${__run_cmd}" "${__run_flags[@]}" - fi -fi diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh deleted file mode 100755 index 325b9473326e..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Cassandra setup - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -# Set default Cassandra host environment variable -cassandra_set_default_host -# Ensure Cassandra environment variables settings are valid -cassandra_validate -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$CASSANDRA_DAEMON_USER" --group "$CASSANDRA_DAEMON_GROUP" -# Ensure Cassandra is initialized -cassandra_initialize - -# Allow running custom initialization scripts -if ! is_boolean_yes "$CASSANDRA_IGNORE_INITDB_SCRIPTS"; then - cassandra_custom_init_scripts -fi diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh b/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh deleted file mode 100644 index 9185044e3f49..000000000000 --- a/bitnami/cassandra/4.0/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh +++ /dev/null @@ -1,1210 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Cassandra library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Change a Cassandra configuration yaml file by setting a property -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - property -# $2 - value -# $3 - Use quotes in value (default: yes) -# $4 - Path to configuration file (default: $CASSANDRA_CONF_FILE) -# Returns: -# None -######################### -cassandra_yaml_set() { - local -r property="${1:?missing property}" - local -r value="${2:?missing value}" - local -r use_quotes="${3:-yes}" - local -r conf_file="${4:-$CASSANDRA_CONF_FILE}" - - if is_boolean_yes "$use_quotes"; then - replace_in_file "$conf_file" "^(#\s)?(\s*)(\-\s*)?${property}:.*" "\2\3${property}: '${value}'" - else - replace_in_file "$conf_file" "^(#\s)?(\s*)(\-\s*)?${property}:.*" "\2\3${property}: ${value}" - fi -} - -######################### -# Set default Cassandra settings if not set -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_set_default_host() { - if [[ -z "${CASSANDRA_HOST:-}" ]]; then - warn "CASSANDRA_HOST not set, defaulting to system hostname" - local -r host="$(hostname)" - export CASSANDRA_HOST="$host" - export CASSANDRA_SEEDS="${CASSANDRA_SEEDS:-$CASSANDRA_HOST}" - export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" - fi -} - -######################## -# Change a Cassandra configuration yaml file by setting a property as an array -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - property -# $2 - comma-separated string with the different values -# $3 - Use quotes in value (default: no) -# $4 - Path to configuration file (default: $CASSANDRA_CONF_FILE) -# Returns: -# None -######################### -cassandra_yaml_set_as_array() { - local -r property="${1:?missing property}" - local -r array="${2:?missing value}" - local -r use_quotes="${3:-no}" - local -r conf_file="${4:-$CASSANDRA_CONF_FILE}" - local substitution="\2${property}:" - - for value in "${array[@]}"; do - if is_boolean_yes "$use_quotes"; then - substitution+="\n\2 - '${value}'" - else - substitution+="\n\2 - ${value}" - fi - done - replace_in_file "$conf_file" "^(#\s)?(\s*)${property}:.*" "${substitution}" -} - -######################## -# Validate settings in CASSANDRA_* environment variables -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_validate() { - info "Validating settings in CASSANDRA_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - - empty_password_warn() { - warn "You've not provided a password. Default password \"cassandra\" will be used. For safety reasons, please provide a secure password in a production environment." - } - - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - check_default_password() { - if [[ "${!1}" = "cassandra" ]]; then - warn "You set the environment variable $1=cassandra. This is the default value when bootstrapping Cassandra and should not be used in production environments." - fi - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}"; then - print_validation_error "The allowed values for $1 are [yes, no]" - fi - } - - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (("${!i}" == "${!j}")); then - print_validation_error "${!i} and ${!j} are bound to the same port" - fi - done - done - } - - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!1}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable $1: $err" - fi - } - - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname $1 could not be resolved. This could lead to connection issues" - fi - } - - check_positive_value() { - if ! is_positive_int "${!1}"; then - print_validation_error "The variable $1 must be positive integer" - fi - } - - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "The $1 environment variable is empty or not set." - fi - } - - check_password_file() { - if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then - print_validation_error "The variable $1 is defined but the file ${!1} is not accessible or does not exist" - fi - } - - check_password_file CASSANDRA_PASSWORD_FILE - check_password_file CASSANDRA_TRUSTSTORE_PASSWORD_FILE - check_password_file CASSANDRA_KEYSTORE_PASSWORD_FILE - - check_empty_value CASSANDRA_RACK - check_empty_value CASSANDRA_DATACENTER - - if [[ -z $CASSANDRA_PASSWORD ]]; then - if ! is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_warn - export CASSANDRA_PASSWORD="cassandra" - else - empty_password_enabled_warn - fi - fi - - check_default_password CASSANDRA_PASSWORD - - if is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" || is_boolean_yes "$CASSANDRA_INTERNODE_ENCRYPTION"; then - check_empty_value CASSANDRA_KEYSTORE_PASSWORD - check_empty_value CASSANDRA_TRUSTSTORE_PASSWORD - check_default_password CASSANDRA_KEYSTORE_PASSWORD - check_default_password CASSANDRA_TRUSTSTORE_PASSWORD - fi - - check_yes_no_value CASSANDRA_PASSWORD_SEEDER - check_true_false_value CASSANDRA_ENABLE_REMOTE_CONNECTIONS - check_true_false_value CASSANDRA_CLIENT_ENCRYPTION - check_true_false_value CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS - check_true_false_value CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS - check_positive_value CASSANDRA_NUM_TOKENS - check_positive_value CASSANDRA_INIT_MAX_RETRIES - check_positive_value CASSANDRA_CQL_MAX_RETRIES - check_positive_value CASSANDRA_PEER_CQL_MAX_RETRIES - check_positive_value CASSANDRA_INIT_SLEEP_TIME - check_positive_value CASSANDRA_CQL_SLEEP_TIME - check_positive_value CASSANDRA_PEER_CQL_SLEEP_TIME - check_positive_value CASSANDRA_CQL_PORT_NUMBER - check_positive_value CASSANDRA_JMX_PORT_NUMBER - check_positive_value CASSANDRA_TRANSPORT_PORT_NUMBER - - check_conflicting_ports CASSANDRA_CQL_PORT_NUMBER CASSANDRA_JMX_PORT_NUMBER CASSANDRA_TRANSPORT_PORT_NUMBER - - check_allowed_port CASSANDRA_CQL_PORT_NUMBER - check_allowed_port CASSANDRA_TRANSPORT_PORT_NUMBER - check_allowed_port CASSANDRA_JMX_PORT_NUMBER - - check_resolved_hostname "$CASSANDRA_HOST" - for peer in ${CASSANDRA_PEERS//,/ }; do - check_resolved_hostname "$peer" - done - for seed in ${CASSANDRA_SEEDS//,/ }; do - check_resolved_hostname "$seed" - done - - if [[ ! ${CASSANDRA_AUTO_SNAPSHOT_TTL} =~ ([1-9]{1}[0-9]{0,}[d|h|m]) ]]; then - print_validation_error "CASSANDRA_AUTO_SNAPSHOT_TTL accepted units: d (days), h (hours) or m (minutes)" - fi - - check_true_false_value CASSANDRA_SSL_VALIDATE - check_true_false_value CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE - - if ((${#CASSANDRA_PASSWORD} > 512)); then - print_validation_error "The password cannot be longer than 512 characters. Set the environment variable CASSANDRA_PASSWORD with a shorter value" - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Check if a given configuration file was mounted externally -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - Filename -# Returns: -# true if the file was mounted externally, false otherwise -######################### -cassandra_is_file_external() { - local -r filename="${1:?file_is_missing}" - if [[ -f "${CASSANDRA_MOUNTED_CONF_DIR}/${filename}" ]]; then - true - else - false - fi -} - -######################## -# Copy mounted configuration files -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_copy_mounted_config() { - if ! is_dir_empty "$CASSANDRA_MOUNTED_CONF_DIR"; then - cp -Lr "$CASSANDRA_MOUNTED_CONF_DIR"/* "$CASSANDRA_CONF_DIR" - fi -} - -######################## -# Copy default configuration files in case there are no mounted ones -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_copy_default_config() { - local -r tmp_file_list=/tmp/conf_file_list - find "$CASSANDRA_DEFAULT_CONF_DIR" -type f >$tmp_file_list - while read -r f; do - filename="${f#"${CASSANDRA_DEFAULT_CONF_DIR}/"}" # Get path with subfolder - dest="${f//$CASSANDRA_DEFAULT_CONF_DIR/$CASSANDRA_CONF_DIR}" - if [[ -f "$dest" ]]; then - debug "Found ${filename}. Skipping default" - else - debug "No injected ${filename} file found. Creating default ${filename} file" - # There are conf files in subfolders. We may need to create them - mkdir -p "$(dirname "$dest")" - cp "$f" "$dest" - fi - done <$tmp_file_list - rm "$tmp_file_list" -} - -######################## -# Configure the path to the different data directories (ignored if cassandra.yaml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_data_dirs() { - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set_as_array data_file_directories "${CASSANDRA_DATA_DIR}/data" "$CASSANDRA_CONF_FILE" - - cassandra_yaml_set commitlog_directory "$CASSANDRA_COMMITLOG_DIR" - cassandra_yaml_set hints_directory "${CASSANDRA_DATA_DIR}/hints" - cassandra_yaml_set cdc_raw_directory "${CASSANDRA_DATA_DIR}/cdc_raw" - cassandra_yaml_set saved_caches_directory "${CASSANDRA_DATA_DIR}/saved_caches" - else - debug "cassandra.yaml mounted. Skipping data directory configuration" - fi -} - -######################## -# Enable password-based authentication (ignored if cassandra.yaml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_enable_auth() { - if ! cassandra_is_file_external "cassandra.yaml"; then - if [[ "$ALLOW_EMPTY_PASSWORD" = "yes" ]] && [[ -z $CASSANDRA_PASSWORD ]]; then - cassandra_yaml_set "authenticator" "AllowAllAuthenticator" - cassandra_yaml_set "authorizer" "AllowAllAuthorizer" - else - cassandra_yaml_set "authenticator" "${CASSANDRA_AUTHENTICATOR}" - cassandra_yaml_set "authorizer" "${CASSANDRA_AUTHORIZER}" - fi - else - debug "cassandra.yaml mounted. Skipping authentication method configuration" - fi -} - -######################## -# Configure logging settings (ignored if logback.xml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_logging() { - if ! cassandra_is_file_external "logback.xml"; then - replace_in_file "${CASSANDRA_CONF_DIR}/logback.xml" "system[.]log" "cassandra.log" - if [[ "$BITNAMI_DEBUG" = "false" ]]; then - replace_in_file "${CASSANDRA_CONF_DIR}/logback.xml" "()" "" - fi - else - debug "logback.xml mounted. Skipping logging configuration" - fi -} - -######################## -# Configure cluster settings (modifies cassandra.yaml and cassandra-env.sh if not mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_cluster() { - local host="127.0.0.1" - local rpc_address="127.0.0.1" - local cassandra_config - - if [[ "$CASSANDRA_ENABLE_REMOTE_CONNECTIONS" = "true" ]]; then - host="$CASSANDRA_HOST" - rpc_address="0.0.0.0" - fi - # cassandra.yaml changes - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set "num_tokens" "$CASSANDRA_NUM_TOKENS" "no" - cassandra_yaml_set "cluster_name" "$CASSANDRA_CLUSTER_NAME" - cassandra_yaml_set "listen_address" "$host" - cassandra_yaml_set "seeds" "$CASSANDRA_SEEDS" - cassandra_yaml_set "start_rpc" "$CASSANDRA_ENABLE_RPC" "no" - cassandra_yaml_set "enable_user_defined_functions" "$CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS" "no" - cassandra_yaml_set "enable_scripted_user_defined_functions" "$CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS" "no" - cassandra_yaml_set "rpc_address" "$rpc_address" - cassandra_yaml_set "broadcast_rpc_address" "$host" - cassandra_yaml_set "endpoint_snitch" "$CASSANDRA_ENDPOINT_SNITCH" - cassandra_yaml_set "internode_encryption" "$CASSANDRA_INTERNODE_ENCRYPTION" - cassandra_yaml_set "keystore" "$CASSANDRA_KEYSTORE_LOCATION" - cassandra_yaml_set "keystore_password" "$CASSANDRA_KEYSTORE_PASSWORD" - cassandra_yaml_set "truststore" "$CASSANDRA_TRUSTSTORE_LOCATION" - cassandra_yaml_set "truststore_password" "$CASSANDRA_TRUSTSTORE_PASSWORD" - cassandra_yaml_set "auto_snapshot_ttl" "$CASSANDRA_AUTO_SNAPSHOT_TTL" - - if [[ -n "$CASSANDRA_BROADCAST_ADDRESS" ]]; then - cassandra_yaml_set "broadcast_address" "$CASSANDRA_BROADCAST_ADDRESS" - fi - - if [[ -n "$CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE" ]]; then - cassandra_yaml_set "automatic_sstable_upgrade" "$CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE" - fi - - cassandra_config="$(sed -E "/client_encryption_options:.*/ {N;N; s/client_encryption_options:[^\n]*(\n\s+#.*)?(\n\s+enabled:).*/client_encryption_options:\1\2 $CASSANDRA_CLIENT_ENCRYPTION/g}" "$CASSANDRA_CONF_FILE")" - echo "$cassandra_config" >"$CASSANDRA_CONF_FILE" - else - debug "cassandra.yaml mounted. Skipping cluster configuration" - fi - - # cassandra-env.sh changes - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "#\s*JVM_OPTS=\"\$JVM_OPTS -Djava[.]rmi[.]server[.]hostname=[^\"]*" "JVM_OPTS=\"\$JVM_OPTS -Djava.rmi.server.hostname=${host}" - else - debug "cassandra-env.sh mounted. Skipping setting server hostname" - fi -} - -######################## -# Configure java path (ignored if cassandra-env.sh is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_java() { - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "(calculate_heap_sizes\(\))" "\nJAVA_HOME=$JAVA_BASE_DIR\nJAVA=$JAVA_BIN_DIR/java\n\n\1" - else - debug "cassandra-env.sh mounted. Skipping JAVA_HOME configuration" - fi -} - -######################## -# Configure jemalloc path (ignored if cassandra-env.sh is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_jemalloc() { - if ! cassandra_is_file_external "cassandra-env.sh"; then - if [[ -n "$(find_jemalloc_lib)" ]]; then - echo "JVM_OPTS=\"\$JVM_OPTS -Dcassandra.libjemalloc=$(find_jemalloc_lib)\"" >>"${CASSANDRA_CONF_DIR}/cassandra-env.sh" - else - warn "Couldn't find jemalloc installed. Skipping jemalloc configuration." - fi - else - debug "cassandra-env.sh mounted. Skipping jemalloc configuration." - fi -} - -######################## -# Change the password for the cassandra user -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - Old password (default: cassandra) -# 2 - New Password (default: $CASSANDRA_PASSWORD) -# 3 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 4 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_change_cassandra_password() { - local -r old_password="${1:-cassandra}" - local -r new_password="${2:-$CASSANDRA_PASSWORD}" - local -r retries="${3:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${4:-$CASSANDRA_CQL_SLEEP_TIME}" - - info 'Updating the password for the "cassandra" user...' - local -r user="cassandra" - local -r escaped_password="${new_password//\'/\'\'}" - - if (echo "ALTER USER cassandra WITH PASSWORD \$\$${escaped_password}\$\$;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$user" "$old_password"); then - debug "ALTER USER command executed. Trying to log in" - wait_for_cql_access "$user" "$new_password" "" "$retries" "$sleep_time" - info "Password updated successfully" - fi -} - -######################## -# Create a new admin user -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - New username (default: $CASSANDRA_USER) -# 2 - New user password (default: $CASSANDRA_PASSWORD) -# 3 - Admin username (which will create the new user) (default: cassandra) -# 4 - Admin password (default: cassandra) -# 5 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 6 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_create_admin_user() { - local -r new_user="${1:-$CASSANDRA_USER}" - local -r password="${2:-$CASSANDRA_PASSWORD}" - local -r admin_user="${3:-cassandra}" - local -r admin_user_password="${4:-cassandra}" - local -r retries="${5:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${6:-$CASSANDRA_CQL_SLEEP_TIME}" - - info "Creating super-user $new_user" - local -r escaped_password="${password//\'/\'\'}" - - echo "CREATE USER '${new_user}' WITH PASSWORD \$\$${escaped_password}\$\$ SUPERUSER;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$admin_user" "$admin_user_password" -} - -######################## -# Configure port binding (modifies cassandra.yaml and cassandra-env.sh if not mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_ports() { - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set "native_transport_port" "$CASSANDRA_CQL_PORT_NUMBER" "no" - cassandra_yaml_set "storage_port" "$CASSANDRA_TRANSPORT_PORT_NUMBER" "no" - else - debug "cassandra.yaml mounted. Skipping native and storage ports configuration" - fi - - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "JMX_PORT=.*" "JMX_PORT=$CASSANDRA_JMX_PORT_NUMBER" - else - debug "cassandra-env.sh mounted. Skipping JMX port configuration" - fi -} - -######################## -# Configure rack and datacenter (ignored if cassandra-rackdc.properties is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_rack_dc() { - if ! cassandra_is_file_external "cassandra-rackdc.properties"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "dc=.*" "dc=${CASSANDRA_DATACENTER}" - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "rack=.*" "rack=${CASSANDRA_RACK}" - else - debug "cassandra-rackdc.properties mounted. Skipping rack and datacenter configuration" - fi -} - -######################## -# Remove PIDs, log files and conf files from a previous run (case of container restart) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_clean_from_restart() { - rm -f "$CASSANDRA_PID_FILE" - rm -f "$CASSANDRA_FIRST_BOOT_LOG_FILE" "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - if ! is_dir_empty "$CASSANDRA_CONF_DIR"; then - rm -rf "${CASSANDRA_CONF_DIR:?}"/* - fi -} - -######################## -# Generate the client configurartion if ssl is configured in the server -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_client_ssl() { - info "Configuring client for SSL" - - # The key is store in a jks keystore and needs to be converted to pks12 to be extracted - keytool -importkeystore -srckeystore "${CASSANDRA_KEYSTORE_LOCATION}" \ - -destkeystore "${CASSANDRA_TMP_P12_FILE}" \ - -deststoretype PKCS12 \ - -srcstorepass "${CASSANDRA_KEYSTORE_PASSWORD}" \ - -deststorepass "${CASSANDRA_KEYSTORE_PASSWORD}" - - openssl pkcs12 -in "${CASSANDRA_TMP_P12_FILE}" -nokeys \ - -out "${CASSANDRA_SSL_CERT_FILE}" -passin pass:"${CASSANDRA_KEYSTORE_PASSWORD}" - rm "${CASSANDRA_TMP_P12_FILE}" -} - -######################## -# Ensure Cassandra is initialized -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_initialize() { - info "Initializing Cassandra database..." - - cassandra_clean_from_restart - cassandra_copy_mounted_config - cassandra_copy_default_config - cassandra_enable_auth - cassandra_setup_java - cassandra_setup_jemalloc - cassandra_setup_logging - cassandra_setup_ports - cassandra_setup_rack_dc - cassandra_setup_data_dirs - cassandra_setup_cluster - cassandra_setup_from_environment_variables # Give priority to users configuration - - is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" && cassandra_setup_client_ssl - - debug "Ensuring expected directories/files exist..." - for dir in "$CASSANDRA_DATA_DIR" "$CASSANDRA_TMP_DIR" "$CASSANDRA_LOG_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$CASSANDRA_DAEMON_USER:$CASSANDRA_DAEMON_GROUP" "$dir" - done - - if ! is_dir_empty "$CASSANDRA_DATA_DIR"; then - info "Deploying Cassandra with persisted data" - else - info "Deploying Cassandra from scratch" - cassandra_start_bg "$CASSANDRA_FIRST_BOOT_LOG_FILE" - if is_boolean_yes "$CASSANDRA_PASSWORD_SEEDER"; then - info "Password seeder node" - # Check that all peers are ready - for peer in ${CASSANDRA_PEERS//,/ }; do - wait_for_cql_access "cassandra" "cassandra" "$peer" "$CASSANDRA_PEER_CQL_MAX_RETRIES" "$CASSANDRA_PEER_CQL_SLEEP_TIME" - done - # Setup user - if [[ "$CASSANDRA_USER" = "cassandra" ]]; then - cassandra_change_cassandra_password "cassandra" "$CASSANDRA_PASSWORD" "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" - else - cassandra_create_admin_user "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" "cassandra" "cassandra" "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" - fi - - cassandra_execute_startup_cql - else - info "Non-seeder node. Waiting for synchronization" - wait_for_cql_access "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" "" "$CASSANDRA_PEER_CQL_MAX_RETRIES" "$CASSANDRA_PEER_CQL_SLEEP_TIME" - fi - fi -} - -######################## -# Execute Cassandra startup cql (defined in CASSANDRA_STARTUP_CQL) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_execute_startup_cql() { - if [[ -n "$CASSANDRA_STARTUP_CQL" ]]; then - info "Executing Startup CQL" - if ! (echo "$CASSANDRA_STARTUP_CQL" | cassandra_execute_with_retries "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" "$CASSANDRA_USER" "$CASSANDRA_PASSWORD"); then - error "Failed executing startup CQL command" - exit 1 - fi - info "Startup CQL commands executed successfully" - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_custom_init_scripts() { - if [[ -n "$(find "$CASSANDRA_INITSCRIPTS_DIR/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*")" ]] && [[ ! -f "$CASSANDRA_VOLUME_DIR/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $CASSANDRA_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - if ! is_cassandra_running; then - cassandra_start_bg "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - wait_for_cql_access - fi - find "${CASSANDRA_INITSCRIPTS_DIR}/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *.cql) - debug "Executing $f" - cassandra_execute "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" <"$f" - ;; - *.cql.gz) - debug "Executing $f" - gunzip -c "$f" | cassandra_execute "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" - ;; - *) debug "Ignoring $f" ;; - esac - done <$tmp_file - rm -f "$tmp_file" - touch "$CASSANDRA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Execute an arbitrary query/queries against the running Cassandra service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - User to run queries -# $2 - Password -# $3 - Keyspace -# $4 - Host (default: localhost) -# $5 - Extra flags -# Returns: -# None -####################### -cassandra_execute() { - local -r user="${1:-$CASSANDRA_USER}" - local -r pass="${2:-$CASSANDRA_PASSWORD}" - local -r keyspace="${3:-}" - local -r host="${4:-localhost}" - local -r extra_args="${5:-}" - local -r port="${CASSANDRA_CQL_PORT_NUMBER}" - local -r cmd=("${CASSANDRA_BIN_DIR}/cqlsh") - local args=("-u" "$user" "-p" "$pass") - - is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" && args+=("--ssl") - [[ -n "$keyspace" ]] && args+=("-k" "$keyspace") - if [[ -n "$extra_args" ]]; then - local extra_args_array=() - read -r -a extra_args_array <<<"$extra_args" - [[ "${#extra_args[@]}" -gt 0 ]] && args+=("${extra_args_array[@]}") - fi - args+=("$host") - args+=("$port") - if [[ "${BITNAMI_DEBUG}" = true ]]; then - local -r command="$(cat)" - debug "Executing CQL \"$command\"" - echo "$command" | "${cmd[@]}" "${args[@]}" - else - "${cmd[@]}" "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against the running Cassandra service with retries (in case Cassandra is still initializing or performing consistency operations) -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# $2 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# $3 - User to run queries -# $4 - Password -# $5 - Keyspace -# $6 - Host (default: localhost) -# $7 - Extra flags -# Returns: -# None -####################### -cassandra_execute_with_retries() { - local -r retries="${1:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${2:-$CASSANDRA_CQL_SLEEP_TIME}" - local -r user="${3:-$CASSANDRA_USER}" - local -r pass="${4:-$CASSANDRA_PASSWORD}" - local -r keyspace="${5:-}" - local -r host="${6:-localhost}" - local -r extra_args="${7:-}" - - local success=no - - # Get command from stdin as we will retry it several times - local -r command="$(cat)" - - for i in $(seq 1 "$retries"); do - if (echo "$command" | cassandra_execute "$user" "$pass" "$keyspace" "$host" "$extra_args"); then - success=yes - break - fi - sleep "$sleep_time" - done - if is_boolean_yes "$success"; then - true - else - error "CQL command failed $retries times" - false - fi -} - -######################## -# Wait until nodetool checks the node is ready -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $2 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_nodetool_up() { - local -r retries="${1:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${2:-$CASSANDRA_INIT_SLEEP_TIME}" - - debug "Checking status with nodetool" - - check_function_nodetool_node_ip() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - local -r check_cmd=("${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") - local -r check_args=("status" "--port" "$CASSANDRA_JMX_PORT_NUMBER") - local -r machine_ip="$(dns_lookup "${CASSANDRA_BROADCAST_ADDRESS:-$CASSANDRA_HOST}" "v4")" - local -r check_regex="UN\s*(${CASSANDRA_HOST}|${machine_ip}|127.0.0.1)" - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - - "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" - } - - check_function_nodetool_node_count() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - local -r check_cmd=("${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") - local -r check_args=("status" "--port" "$CASSANDRA_JMX_PORT_NUMBER") - local -r machine_ip="$(dns_lookup "${CASSANDRA_BROADCAST_ADDRESS:-$CASSANDRA_HOST}" "v4")" - local -r check_regex="UN\s*" - read -r -a host_list <<<"$(tr ',;' ' ' <<<"$CASSANDRA_NODES")" - local -r expected_node_count="${#host_list[@]}" - local actual_node_count - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - - actual_node_count=$("${check_cmd[@]}" "${check_args[@]}" | grep -c "${check_regex}" || true) - if [[ "$expected_node_count" != "$actual_node_count" ]]; then - false - fi - } - - if retry_while check_function_nodetool_node_ip "$retries" "$sleep_time"; then - info "Nodetool reported the successful startup of Cassandra" - true - else - error "Cassandra failed to start up" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Nodetool output" - "${check_cmd[@]}" "${check_args[@]}" - fi - exit 1 - fi - - if [[ -n "$CASSANDRA_NODES" ]]; then - if retry_while check_function_nodetool_node_count "$retries" "$sleep_time"; then - info "All nodes reached the UN status (Up/Normal)" - true - else - error "Some nodes did not reach the UN status (Up/Normal)" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Nodetool output" - "${check_cmd[@]}" "${check_args[@]}" - fi - exit 1 - fi - fi -} - -######################## -# Wait until the log file shows that CQL is ready -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Log file to check -# $1 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $2 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_cql_log_entry() { - local -r logger="${1:-/dev/stdout}" - local -r retries="${2:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${3:-$CASSANDRA_INIT_SLEEP_TIME}" - - debug "Checking that log $logger contains entry \"Starting listening for CQL clients\"" - - check_function_log_entry() { - local -r check_cmd=("cat") - local -r check_args=("$logger") - local -r check_regex="Starting listening for CQL clients" - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" - } - - if retry_while check_function_log_entry "$retries" "$sleep_time"; then - info "Found CQL startup log line" - else - error "Cassandra failed to start up" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Log content" - cat "$logger" - fi - exit 1 - fi -} - -######################## -# Poll until the CQL command DESCRIBE KEYSPACES works successfully -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - Username (default: $CASSANDRA_USER) -# 2 - Password (default: $CASSANDRA_PASSWORD) -# 3 - Hostname (default: $CASSANDRA_HOST) -# 4 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 5 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_cql_access() { - local -r user="${1:-$CASSANDRA_USER}" - local -r password="${2:-$CASSANDRA_PASSWORD}" - local -r host="${3:-$CASSANDRA_HOST}" - local -r max_retries="${4:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${5:-$CASSANDRA_CQL_SLEEP_TIME}" - - info "Trying to access CQL server @ $host" - if (echo "DESCRIBE KEYSPACES" | cassandra_execute_with_retries "$max_retries" "$sleep_time" "$user" "$password" "" "$host"); then - info "Accessed CQL server successfully" - else - error "Could not access CQL server" - exit 1 - fi -} - -######################## -# Start Cassandra and wait until it is ready -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - Log file to write (default /dev/stdout) -# $2 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $3 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_start_bg() { - local -r logger="${1:-/dev/stdout}" - local -r retries="${2:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${3:-$CASSANDRA_INIT_SLEEP_TIME}" - - info "Starting Cassandra" - local -r cmd=("$CASSANDRA_BIN_DIR/cassandra") - local -r args=("-p" "$CASSANDRA_PID_FILE" "-R" "-f") - - if am_i_root; then - run_as_user "$CASSANDRA_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & - fi - - # Even though we set the pid, cassandra is not creating the proper file, so we create it manually - echo $! >"$CASSANDRA_PID_FILE" - - info "Checking that it started up correctly" - - if [[ "$logger" != "/dev/stdout" ]]; then - am_i_root && chown "$CASSANDRA_DAEMON_USER":"$CASSANDRA_DAEMON_GROUP" "$logger" - wait_for_cql_log_entry "$logger" "$retries" "$sleep_time" - fi - wait_for_nodetool_up "$retries" "$sleep_time" -} - -######################## -# Stop Cassandra -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_stop() { - ! is_cassandra_running && return - info "Stopping Cassandra..." - stop_cassandra() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - "${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy" stopdaemon - is_cassandra_not_running - } - - if ! retry_while "stop_cassandra" "$CASSANDRA_INIT_MAX_RETRIES" "$CASSANDRA_INIT_SLEEP_TIME"; then - error "Cassandra failed to stop" - exit 1 - fi - # Manually remove PID file - rm -f "$CASSANDRA_PID_FILE" -} - -######################## -# Check if Cassandra is running -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_cassandra_running() { - local -r pid="$(get_pid_from_file "$CASSANDRA_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Return true if cassandra is not running -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -is_cassandra_not_running() { - ! is_cassandra_running -} - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -cassandra_common_conf_set() { - local -r file="${1:?missing file}" - local -r key="${2:?missing key}" - shift 2 - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - cassandra_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Set a configuration setting value to cassandra-env.sh -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_env_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "$@" -} - -######################## -# Set a configuration setting value to cassandra-rackdc.properties -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_rackdc_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "$@" -} - -######################## -# Set a configuration setting value to commitlog_archiving.properties -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_commitlog_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/commitlog_archiving.properties" "$@" -} - -######################## -# Configure Cassandra configuration files from environment variables -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_from_environment_variables() { - # Map environment variables to config properties for cassandra-env.sh - for var in "${!CASSANDRA_CFG_ENV_@}"; do - # shellcheck disable=SC2001 - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_ENV_//g')" - value="${!var}" - cassandra_env_conf_set "$key" "$value" - done - # Map environment variables to config properties for cassandra-rackdc.properties - for var in "${!CASSANDRA_CFG_RACKDC_@}"; do - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_RACKDC_//g' | tr '[:upper:]' '[:lower:]')" - value="${!var}" - cassandra_rackdc_conf_set "$key" "$value" - done - # Map environment variables to config properties for commitlog_archiving.properties - for var in "${!CASSANDRA_CFG_COMMITLOG_@}"; do - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_COMMITLOG_//g' | tr '[:upper:]' '[:lower:]')" - value="${!var}" - cassandra_commitlog_conf_set "$key" "$value" - done -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=("/usr/lib" "/usr/lib64") - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} diff --git a/bitnami/cassandra/4.0/debian-11/tags-info.yaml b/bitnami/cassandra/4.0/debian-11/tags-info.yaml deleted file mode 100644 index 877aa38d8eee..000000000000 --- a/bitnami/cassandra/4.0/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "4.0" -- 4.0-debian-11 -- 4.0.12 diff --git a/bitnami/cassandra/4.1/debian-11/Dockerfile b/bitnami/cassandra/4.1/debian-11/Dockerfile deleted file mode 100644 index 240732187a8d..000000000000 --- a/bitnami/cassandra/4.1/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T15:10:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.1.4-debian-11-r7" \ - org.opencontainers.image.title="cassandra" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.1.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgssapi-krb5-2 libjemalloc2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "java-11.0.22-12-1-linux-${OS_ARCH}-debian-11" \ - "cassandra-4.1.4-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN ln -s /opt/bitnami/scripts/cassandra/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/cassandra/run.sh /run.sh -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/cassandra/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="4.1.4" \ - BITNAMI_APP_NAME="cassandra" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/java/bin:/opt/bitnami/cassandra/bin:$PATH" - -EXPOSE 7000 9042 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/cassandra/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/cassandra/run.sh" ] diff --git a/bitnami/cassandra/4.1/debian-11/docker-compose.yml b/bitnami/cassandra/4.1/debian-11/docker-compose.yml deleted file mode 100644 index af3d31b2f806..000000000000 --- a/bitnami/cassandra/4.1/debian-11/docker-compose.yml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - cassandra: - image: docker.io/bitnami/cassandra:4.1 - ports: - - '7000:7000' - - '9042:9042' - volumes: - - 'cassandra_data:/bitnami' - environment: - - CASSANDRA_SEEDS=cassandra - - CASSANDRA_PASSWORD_SEEDER=yes - - CASSANDRA_PASSWORD=cassandra -volumes: - cassandra_data: - driver: local diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 89b9d3645b0b..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "cassandra": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.1.4-0" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cassandra/4.1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh deleted file mode 100644 index c9dc3792ac12..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra-env.sh +++ /dev/null @@ -1,176 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for cassandra - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-cassandra}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -cassandra_env_vars=( - CASSANDRA_VOLUME_DIR - CASSANDRA_DATA_DIR - CASSANDRA_COMMITLOG_DIR - CASSANDRA_MOUNTED_CONF_DIR - CASSANDRA_CLIENT_ENCRYPTION - CASSANDRA_CLUSTER_NAME - CASSANDRA_DATACENTER - CASSANDRA_ENABLE_REMOTE_CONNECTIONS - CASSANDRA_ENABLE_RPC - CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS - CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS - CASSANDRA_ENDPOINT_SNITCH - CASSANDRA_HOST - CASSANDRA_INTERNODE_ENCRYPTION - CASSANDRA_NUM_TOKENS - CASSANDRA_PASSWORD_SEEDER - CASSANDRA_SEEDS - CASSANDRA_PEERS - CASSANDRA_PEERS - CASSANDRA_NODES - CASSANDRA_RACK - CASSANDRA_BROADCAST_ADDRESS - CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE - CASSANDRA_STARTUP_CQL - CASSANDRA_IGNORE_INITDB_SCRIPTS - CASSANDRA_CQL_PORT_NUMBER - CASSANDRA_JMX_PORT_NUMBER - CASSANDRA_TRANSPORT_PORT_NUMBER - CASSANDRA_CQL_MAX_RETRIES - CASSANDRA_CQL_SLEEP_TIME - CASSANDRA_INIT_MAX_RETRIES - CASSANDRA_INIT_SLEEP_TIME - CASSANDRA_PEER_CQL_MAX_RETRIES - CASSANDRA_PEER_CQL_SLEEP_TIME - CASSANDRA_DELAY_START_TIME - CASSANDRA_AUTO_SNAPSHOT_TTL - ALLOW_EMPTY_PASSWORD - CASSANDRA_AUTHORIZER - CASSANDRA_AUTHENTICATOR - CASSANDRA_USER - CASSANDRA_PASSWORD - CASSANDRA_KEYSTORE_PASSWORD - CASSANDRA_TRUSTSTORE_PASSWORD - CASSANDRA_KEYSTORE_LOCATION - CASSANDRA_TRUSTSTORE_LOCATION - CASSANDRA_SSL_VALIDATE - SSL_VERSION -) -for env_var in "${cassandra_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset cassandra_env_vars - -# Paths -export CASSANDRA_BASE_DIR="${BITNAMI_ROOT_DIR}/cassandra" -export CASSANDRA_BIN_DIR="${CASSANDRA_BASE_DIR}/bin" -export CASSANDRA_CONF_DIR="${CASSANDRA_BASE_DIR}/conf" -export CASSANDRA_VOLUME_DIR="${CASSANDRA_VOLUME_DIR:-/bitnami/cassandra}" -export CASSANDRA_DATA_DIR="${CASSANDRA_DATA_DIR:-${CASSANDRA_VOLUME_DIR}/data}" -export CASSANDRA_COMMITLOG_DIR="${CASSANDRA_COMMITLOG_DIR:-${CASSANDRA_DATA_DIR}/commitlog}" -export CASSANDRA_DEFAULT_CONF_DIR="${CASSANDRA_BASE_DIR}/conf.default" -export CASSANDRA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export CASSANDRA_LOG_DIR="${CASSANDRA_BASE_DIR}/logs" -export CASSANDRA_MOUNTED_CONF_DIR="${CASSANDRA_MOUNTED_CONF_DIR:-${CASSANDRA_VOLUME_DIR}/conf}" -export CASSANDRA_TMP_DIR="${CASSANDRA_BASE_DIR}/tmp" -export JAVA_BASE_DIR="${BITNAMI_ROOT_DIR}/java" -export JAVA_BIN_DIR="${JAVA_BASE_DIR}/bin" -export PYTHON_BASE_DIR="${BITNAMI_ROOT_DIR}/python" -export PYTHON_BIN_DIR="${PYTHON_BASE_DIR}/bin" -export CASSANDRA_CONF_FILE="${CASSANDRA_CONF_DIR}/cassandra.yaml" -export CASSANDRA_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra.log" -export CASSANDRA_FIRST_BOOT_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra_first_boot.log" -export CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE="${CASSANDRA_LOG_DIR}/cassandra_init_scripts_boot.log" -export CASSANDRA_PID_FILE="${CASSANDRA_TMP_DIR}/cassandra.pid" -export PATH="${CASSANDRA_BIN_DIR}:${JAVA_BIN_DIR}:${PYTHON_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export CASSANDRA_DAEMON_USER="cassandra" -export CASSANDRA_DAEMON_GROUP="cassandra" - -# Cassandra cluster serttings -export CASSANDRA_CLIENT_ENCRYPTION="${CASSANDRA_CLIENT_ENCRYPTION:-false}" -export CASSANDRA_CLUSTER_NAME="${CASSANDRA_CLUSTER_NAME:-My Cluster}" -export CASSANDRA_DATACENTER="${CASSANDRA_DATACENTER:-dc1}" -export CASSANDRA_ENABLE_REMOTE_CONNECTIONS="${CASSANDRA_ENABLE_REMOTE_CONNECTIONS:-true}" -export CASSANDRA_ENABLE_RPC="${CASSANDRA_ENABLE_RPC:-true}" -export CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS="${CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS:-false}" -export CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS="${CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS:-false}" -export CASSANDRA_ENDPOINT_SNITCH="${CASSANDRA_ENDPOINT_SNITCH:-SimpleSnitch}" -export CASSANDRA_HOST="${CASSANDRA_HOST:-}" -export CASSANDRA_INTERNODE_ENCRYPTION="${CASSANDRA_INTERNODE_ENCRYPTION:-none}" -export CASSANDRA_NUM_TOKENS="${CASSANDRA_NUM_TOKENS:-256}" -export CASSANDRA_PASSWORD_SEEDER="${CASSANDRA_PASSWORD_SEEDER:-no}" -export CASSANDRA_SEEDS="${CASSANDRA_SEEDS:-$CASSANDRA_HOST}" -export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" -export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" -export CASSANDRA_NODES="${CASSANDRA_NODES:-}" -export CASSANDRA_RACK="${CASSANDRA_RACK:-rack1}" -export CASSANDRA_BROADCAST_ADDRESS="${CASSANDRA_BROADCAST_ADDRESS:-}" -export CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE="${CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE:-false}" - -# Database initialization settings -export CASSANDRA_STARTUP_CQL="${CASSANDRA_STARTUP_CQL:-}" -export CASSANDRA_IGNORE_INITDB_SCRIPTS="${CASSANDRA_IGNORE_INITDB_SCRIPTS:-no}" - -# Port configuration -export CASSANDRA_CQL_PORT_NUMBER="${CASSANDRA_CQL_PORT_NUMBER:-9042}" -export CASSANDRA_JMX_PORT_NUMBER="${CASSANDRA_JMX_PORT_NUMBER:-7199}" -export CASSANDRA_TRANSPORT_PORT_NUMBER="${CASSANDRA_TRANSPORT_PORT_NUMBER:-7000}" - -# Retries and sleep time configuration -export CASSANDRA_CQL_MAX_RETRIES="${CASSANDRA_CQL_MAX_RETRIES:-20}" -export CASSANDRA_CQL_SLEEP_TIME="${CASSANDRA_CQL_SLEEP_TIME:-5}" -export CASSANDRA_INIT_MAX_RETRIES="${CASSANDRA_INIT_MAX_RETRIES:-100}" -export CASSANDRA_INIT_SLEEP_TIME="${CASSANDRA_INIT_SLEEP_TIME:-5}" -export CASSANDRA_PEER_CQL_MAX_RETRIES="${CASSANDRA_PEER_CQL_MAX_RETRIES:-100}" -export CASSANDRA_PEER_CQL_SLEEP_TIME="${CASSANDRA_PEER_CQL_SLEEP_TIME:-10}" -export CASSANDRA_DELAY_START_TIME="${CASSANDRA_DELAY_START_TIME:-0}" - -# Snapshot settings -export CASSANDRA_AUTO_SNAPSHOT_TTL="${CASSANDRA_AUTO_SNAPSHOT_TTL:-30d}" - -# Authentication, Authorization and Credentials -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export CASSANDRA_AUTHORIZER="${CASSANDRA_AUTHORIZER:-CassandraAuthorizer}" -export CASSANDRA_AUTHENTICATOR="${CASSANDRA_AUTHENTICATOR:-PasswordAuthenticator}" -export CASSANDRA_USER="${CASSANDRA_USER:-cassandra}" -export CASSANDRA_PASSWORD="${CASSANDRA_PASSWORD:-}" -export CASSANDRA_KEYSTORE_PASSWORD="${CASSANDRA_KEYSTORE_PASSWORD:-cassandra}" -export CASSANDRA_TRUSTSTORE_PASSWORD="${CASSANDRA_TRUSTSTORE_PASSWORD:-cassandra}" -export CASSANDRA_KEYSTORE_LOCATION="${CASSANDRA_KEYSTORE_LOCATION:-${CASSANDRA_VOLUME_DIR}/secrets/keystore}" -export CASSANDRA_TRUSTSTORE_LOCATION="${CASSANDRA_TRUSTSTORE_LOCATION:-${CASSANDRA_VOLUME_DIR}/secrets/truststore}" -export CASSANDRA_TMP_P12_FILE="${CASSANDRA_TMP_DIR}/keystore.p12" -export CASSANDRA_SSL_CERT_FILE="${CASSANDRA_VOLUME_DIR}/client.cer.pem" -export SSL_CERTFILE="$CASSANDRA_SSL_CERT_FILE" -export CASSANDRA_SSL_VALIDATE="${CASSANDRA_SSL_VALIDATE:-false}" -export SSL_VALIDATE="$CASSANDRA_SSL_VALIDATE" - -# cqlsh settings -export SSL_VERSION="${SSL_VERSION:-TLSv1_2}" - -# Custom environment variables may be defined below diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh deleted file mode 100755 index 8904b32f82a6..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -print_welcome_page - -if is_positive_int "$CASSANDRA_DELAY_START_TIME" && [[ "$CASSANDRA_DELAY_START_TIME" -gt 0 ]]; then - info "** Delaying Cassandra start by ${CASSANDRA_DELAY_START_TIME} seconds **" - sleep "$CASSANDRA_DELAY_START_TIME" -fi - -if [[ "$*" = *"/opt/bitnami/scripts/cassandra/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Cassandra setup **" - /opt/bitnami/scripts/cassandra/setup.sh - info "** Cassandra setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh deleted file mode 100755 index e4287dd36b70..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/postunpack.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -for dir in "$CASSANDRA_INITSCRIPTS_DIR" "$CASSANDRA_TMP_DIR" "$CASSANDRA_CONF_DIR" "$CASSANDRA_LOG_DIR" "$CASSANDRA_MOUNTED_CONF_DIR" "$CASSANDRA_VOLUME_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create wrapper for cqlsh -cat <"${CASSANDRA_BIN_DIR}/cqlsh" -#!/bin/sh -exec "${PYTHON_BIN_DIR}/python" "${CASSANDRA_BIN_DIR}/cqlsh.py" "\$@" -EOF - -chmod +x "${CASSANDRA_BIN_DIR}/cqlsh" - -ensure_dir_exists "${HOME}/.cassandra" -chmod -R g+rwX "${HOME}/.cassandra" diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh deleted file mode 100755 index c09caa5602ed..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/run.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libcassandra.sh -. /opt/bitnami/scripts/libos.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -# As we cannot use "local" we will use "readonly" for read-only variables. -# The scope of "readonly" is global, so we attach "__run_" to avoid conflicts -# with other variables in libcassandra.sh - -info "** Starting Cassandra **" - -# During the startup logic, we bootstap Cassandra. This is because Cassandra seeder nodes -# need to be able to connect to each other, and after that authentication can be configured. -# However, some applications may detect at this point that the database is ready. -# While in other bitnami containers we would stop the database and run it in foreground, -# we prefer keeping it running in this case. -# So, in this run.sh script, we first check if Cassandra was already running in -# one of the two cases: -# -# 1) Initial cluster initialization -# 2) Init scripts -# -# If none of the two cases apply, we assume it is an error and exit -if is_cassandra_running; then - __run_pid="$(get_pid_from_file "$CASSANDRA_PID_FILE")" - running_log_file="" - - if [[ -f "$CASSANDRA_FIRST_BOOT_LOG_FILE" ]]; then - running_log_file="$CASSANDRA_FIRST_BOOT_LOG_FILE" - info "Cassandra already running with PID $__run_pid because of the initial cluster setup" - elif [[ -f "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" ]]; then - running_log_file="$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - info "Cassandra already running PID $__run_pid because of the init scripts execution" - else - error "Cassandra is already running for an unexpected reason. Exiting" - exit 1 - fi - - info "Tailing $running_log_file" - __run_tail_cmd="$(which tail)" - readonly __run_tail_flags=("--pid=${__run_pid}" "-n" "1000" "-f" "$running_log_file") - - if am_i_root; then - exec_as_user "$CASSANDRA_DAEMON_USER" "${__run_tail_cmd}" "${__run_tail_flags[@]}" - else - exec "${__run_tail_cmd}" "${__run_tail_flags[@]}" - fi -else - readonly __run_cmd="${CASSANDRA_BIN_DIR}/cassandra" - readonly __run_flags=("-p $CASSANDRA_PID_FILE" "-R" "-f") - if am_i_root; then - exec_as_user "$CASSANDRA_DAEMON_USER" "${__run_cmd}" "${__run_flags[@]}" - else - exec "${__run_cmd}" "${__run_flags[@]}" - fi -fi diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh deleted file mode 100755 index 325b9473326e..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/cassandra/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Cassandra setup - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libcassandra.sh - -# Load Cassandra environment variables -. /opt/bitnami/scripts/cassandra-env.sh - -# Set default Cassandra host environment variable -cassandra_set_default_host -# Ensure Cassandra environment variables settings are valid -cassandra_validate -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$CASSANDRA_DAEMON_USER" --group "$CASSANDRA_DAEMON_GROUP" -# Ensure Cassandra is initialized -cassandra_initialize - -# Allow running custom initialization scripts -if ! is_boolean_yes "$CASSANDRA_IGNORE_INITDB_SCRIPTS"; then - cassandra_custom_init_scripts -fi diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh b/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh deleted file mode 100644 index 9185044e3f49..000000000000 --- a/bitnami/cassandra/4.1/debian-11/rootfs/opt/bitnami/scripts/libcassandra.sh +++ /dev/null @@ -1,1210 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Cassandra library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Change a Cassandra configuration yaml file by setting a property -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - property -# $2 - value -# $3 - Use quotes in value (default: yes) -# $4 - Path to configuration file (default: $CASSANDRA_CONF_FILE) -# Returns: -# None -######################### -cassandra_yaml_set() { - local -r property="${1:?missing property}" - local -r value="${2:?missing value}" - local -r use_quotes="${3:-yes}" - local -r conf_file="${4:-$CASSANDRA_CONF_FILE}" - - if is_boolean_yes "$use_quotes"; then - replace_in_file "$conf_file" "^(#\s)?(\s*)(\-\s*)?${property}:.*" "\2\3${property}: '${value}'" - else - replace_in_file "$conf_file" "^(#\s)?(\s*)(\-\s*)?${property}:.*" "\2\3${property}: ${value}" - fi -} - -######################### -# Set default Cassandra settings if not set -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_set_default_host() { - if [[ -z "${CASSANDRA_HOST:-}" ]]; then - warn "CASSANDRA_HOST not set, defaulting to system hostname" - local -r host="$(hostname)" - export CASSANDRA_HOST="$host" - export CASSANDRA_SEEDS="${CASSANDRA_SEEDS:-$CASSANDRA_HOST}" - export CASSANDRA_PEERS="${CASSANDRA_PEERS:-$CASSANDRA_SEEDS}" - fi -} - -######################## -# Change a Cassandra configuration yaml file by setting a property as an array -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - property -# $2 - comma-separated string with the different values -# $3 - Use quotes in value (default: no) -# $4 - Path to configuration file (default: $CASSANDRA_CONF_FILE) -# Returns: -# None -######################### -cassandra_yaml_set_as_array() { - local -r property="${1:?missing property}" - local -r array="${2:?missing value}" - local -r use_quotes="${3:-no}" - local -r conf_file="${4:-$CASSANDRA_CONF_FILE}" - local substitution="\2${property}:" - - for value in "${array[@]}"; do - if is_boolean_yes "$use_quotes"; then - substitution+="\n\2 - '${value}'" - else - substitution+="\n\2 - ${value}" - fi - done - replace_in_file "$conf_file" "^(#\s)?(\s*)${property}:.*" "${substitution}" -} - -######################## -# Validate settings in CASSANDRA_* environment variables -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_validate() { - info "Validating settings in CASSANDRA_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - - empty_password_warn() { - warn "You've not provided a password. Default password \"cassandra\" will be used. For safety reasons, please provide a secure password in a production environment." - } - - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - check_default_password() { - if [[ "${!1}" = "cassandra" ]]; then - warn "You set the environment variable $1=cassandra. This is the default value when bootstrapping Cassandra and should not be used in production environments." - fi - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}"; then - print_validation_error "The allowed values for $1 are [yes, no]" - fi - } - - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (("${!i}" == "${!j}")); then - print_validation_error "${!i} and ${!j} are bound to the same port" - fi - done - done - } - - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!1}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable $1: $err" - fi - } - - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname $1 could not be resolved. This could lead to connection issues" - fi - } - - check_positive_value() { - if ! is_positive_int "${!1}"; then - print_validation_error "The variable $1 must be positive integer" - fi - } - - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "The $1 environment variable is empty or not set." - fi - } - - check_password_file() { - if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then - print_validation_error "The variable $1 is defined but the file ${!1} is not accessible or does not exist" - fi - } - - check_password_file CASSANDRA_PASSWORD_FILE - check_password_file CASSANDRA_TRUSTSTORE_PASSWORD_FILE - check_password_file CASSANDRA_KEYSTORE_PASSWORD_FILE - - check_empty_value CASSANDRA_RACK - check_empty_value CASSANDRA_DATACENTER - - if [[ -z $CASSANDRA_PASSWORD ]]; then - if ! is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_warn - export CASSANDRA_PASSWORD="cassandra" - else - empty_password_enabled_warn - fi - fi - - check_default_password CASSANDRA_PASSWORD - - if is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" || is_boolean_yes "$CASSANDRA_INTERNODE_ENCRYPTION"; then - check_empty_value CASSANDRA_KEYSTORE_PASSWORD - check_empty_value CASSANDRA_TRUSTSTORE_PASSWORD - check_default_password CASSANDRA_KEYSTORE_PASSWORD - check_default_password CASSANDRA_TRUSTSTORE_PASSWORD - fi - - check_yes_no_value CASSANDRA_PASSWORD_SEEDER - check_true_false_value CASSANDRA_ENABLE_REMOTE_CONNECTIONS - check_true_false_value CASSANDRA_CLIENT_ENCRYPTION - check_true_false_value CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS - check_true_false_value CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS - check_positive_value CASSANDRA_NUM_TOKENS - check_positive_value CASSANDRA_INIT_MAX_RETRIES - check_positive_value CASSANDRA_CQL_MAX_RETRIES - check_positive_value CASSANDRA_PEER_CQL_MAX_RETRIES - check_positive_value CASSANDRA_INIT_SLEEP_TIME - check_positive_value CASSANDRA_CQL_SLEEP_TIME - check_positive_value CASSANDRA_PEER_CQL_SLEEP_TIME - check_positive_value CASSANDRA_CQL_PORT_NUMBER - check_positive_value CASSANDRA_JMX_PORT_NUMBER - check_positive_value CASSANDRA_TRANSPORT_PORT_NUMBER - - check_conflicting_ports CASSANDRA_CQL_PORT_NUMBER CASSANDRA_JMX_PORT_NUMBER CASSANDRA_TRANSPORT_PORT_NUMBER - - check_allowed_port CASSANDRA_CQL_PORT_NUMBER - check_allowed_port CASSANDRA_TRANSPORT_PORT_NUMBER - check_allowed_port CASSANDRA_JMX_PORT_NUMBER - - check_resolved_hostname "$CASSANDRA_HOST" - for peer in ${CASSANDRA_PEERS//,/ }; do - check_resolved_hostname "$peer" - done - for seed in ${CASSANDRA_SEEDS//,/ }; do - check_resolved_hostname "$seed" - done - - if [[ ! ${CASSANDRA_AUTO_SNAPSHOT_TTL} =~ ([1-9]{1}[0-9]{0,}[d|h|m]) ]]; then - print_validation_error "CASSANDRA_AUTO_SNAPSHOT_TTL accepted units: d (days), h (hours) or m (minutes)" - fi - - check_true_false_value CASSANDRA_SSL_VALIDATE - check_true_false_value CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE - - if ((${#CASSANDRA_PASSWORD} > 512)); then - print_validation_error "The password cannot be longer than 512 characters. Set the environment variable CASSANDRA_PASSWORD with a shorter value" - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Check if a given configuration file was mounted externally -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - Filename -# Returns: -# true if the file was mounted externally, false otherwise -######################### -cassandra_is_file_external() { - local -r filename="${1:?file_is_missing}" - if [[ -f "${CASSANDRA_MOUNTED_CONF_DIR}/${filename}" ]]; then - true - else - false - fi -} - -######################## -# Copy mounted configuration files -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_copy_mounted_config() { - if ! is_dir_empty "$CASSANDRA_MOUNTED_CONF_DIR"; then - cp -Lr "$CASSANDRA_MOUNTED_CONF_DIR"/* "$CASSANDRA_CONF_DIR" - fi -} - -######################## -# Copy default configuration files in case there are no mounted ones -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_copy_default_config() { - local -r tmp_file_list=/tmp/conf_file_list - find "$CASSANDRA_DEFAULT_CONF_DIR" -type f >$tmp_file_list - while read -r f; do - filename="${f#"${CASSANDRA_DEFAULT_CONF_DIR}/"}" # Get path with subfolder - dest="${f//$CASSANDRA_DEFAULT_CONF_DIR/$CASSANDRA_CONF_DIR}" - if [[ -f "$dest" ]]; then - debug "Found ${filename}. Skipping default" - else - debug "No injected ${filename} file found. Creating default ${filename} file" - # There are conf files in subfolders. We may need to create them - mkdir -p "$(dirname "$dest")" - cp "$f" "$dest" - fi - done <$tmp_file_list - rm "$tmp_file_list" -} - -######################## -# Configure the path to the different data directories (ignored if cassandra.yaml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_data_dirs() { - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set_as_array data_file_directories "${CASSANDRA_DATA_DIR}/data" "$CASSANDRA_CONF_FILE" - - cassandra_yaml_set commitlog_directory "$CASSANDRA_COMMITLOG_DIR" - cassandra_yaml_set hints_directory "${CASSANDRA_DATA_DIR}/hints" - cassandra_yaml_set cdc_raw_directory "${CASSANDRA_DATA_DIR}/cdc_raw" - cassandra_yaml_set saved_caches_directory "${CASSANDRA_DATA_DIR}/saved_caches" - else - debug "cassandra.yaml mounted. Skipping data directory configuration" - fi -} - -######################## -# Enable password-based authentication (ignored if cassandra.yaml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_enable_auth() { - if ! cassandra_is_file_external "cassandra.yaml"; then - if [[ "$ALLOW_EMPTY_PASSWORD" = "yes" ]] && [[ -z $CASSANDRA_PASSWORD ]]; then - cassandra_yaml_set "authenticator" "AllowAllAuthenticator" - cassandra_yaml_set "authorizer" "AllowAllAuthorizer" - else - cassandra_yaml_set "authenticator" "${CASSANDRA_AUTHENTICATOR}" - cassandra_yaml_set "authorizer" "${CASSANDRA_AUTHORIZER}" - fi - else - debug "cassandra.yaml mounted. Skipping authentication method configuration" - fi -} - -######################## -# Configure logging settings (ignored if logback.xml is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_logging() { - if ! cassandra_is_file_external "logback.xml"; then - replace_in_file "${CASSANDRA_CONF_DIR}/logback.xml" "system[.]log" "cassandra.log" - if [[ "$BITNAMI_DEBUG" = "false" ]]; then - replace_in_file "${CASSANDRA_CONF_DIR}/logback.xml" "()" "" - fi - else - debug "logback.xml mounted. Skipping logging configuration" - fi -} - -######################## -# Configure cluster settings (modifies cassandra.yaml and cassandra-env.sh if not mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_cluster() { - local host="127.0.0.1" - local rpc_address="127.0.0.1" - local cassandra_config - - if [[ "$CASSANDRA_ENABLE_REMOTE_CONNECTIONS" = "true" ]]; then - host="$CASSANDRA_HOST" - rpc_address="0.0.0.0" - fi - # cassandra.yaml changes - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set "num_tokens" "$CASSANDRA_NUM_TOKENS" "no" - cassandra_yaml_set "cluster_name" "$CASSANDRA_CLUSTER_NAME" - cassandra_yaml_set "listen_address" "$host" - cassandra_yaml_set "seeds" "$CASSANDRA_SEEDS" - cassandra_yaml_set "start_rpc" "$CASSANDRA_ENABLE_RPC" "no" - cassandra_yaml_set "enable_user_defined_functions" "$CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS" "no" - cassandra_yaml_set "enable_scripted_user_defined_functions" "$CASSANDRA_ENABLE_SCRIPTED_USER_DEFINED_FUNCTIONS" "no" - cassandra_yaml_set "rpc_address" "$rpc_address" - cassandra_yaml_set "broadcast_rpc_address" "$host" - cassandra_yaml_set "endpoint_snitch" "$CASSANDRA_ENDPOINT_SNITCH" - cassandra_yaml_set "internode_encryption" "$CASSANDRA_INTERNODE_ENCRYPTION" - cassandra_yaml_set "keystore" "$CASSANDRA_KEYSTORE_LOCATION" - cassandra_yaml_set "keystore_password" "$CASSANDRA_KEYSTORE_PASSWORD" - cassandra_yaml_set "truststore" "$CASSANDRA_TRUSTSTORE_LOCATION" - cassandra_yaml_set "truststore_password" "$CASSANDRA_TRUSTSTORE_PASSWORD" - cassandra_yaml_set "auto_snapshot_ttl" "$CASSANDRA_AUTO_SNAPSHOT_TTL" - - if [[ -n "$CASSANDRA_BROADCAST_ADDRESS" ]]; then - cassandra_yaml_set "broadcast_address" "$CASSANDRA_BROADCAST_ADDRESS" - fi - - if [[ -n "$CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE" ]]; then - cassandra_yaml_set "automatic_sstable_upgrade" "$CASSANDRA_AUTOMATIC_SSTABLE_UPGRADE" - fi - - cassandra_config="$(sed -E "/client_encryption_options:.*/ {N;N; s/client_encryption_options:[^\n]*(\n\s+#.*)?(\n\s+enabled:).*/client_encryption_options:\1\2 $CASSANDRA_CLIENT_ENCRYPTION/g}" "$CASSANDRA_CONF_FILE")" - echo "$cassandra_config" >"$CASSANDRA_CONF_FILE" - else - debug "cassandra.yaml mounted. Skipping cluster configuration" - fi - - # cassandra-env.sh changes - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "#\s*JVM_OPTS=\"\$JVM_OPTS -Djava[.]rmi[.]server[.]hostname=[^\"]*" "JVM_OPTS=\"\$JVM_OPTS -Djava.rmi.server.hostname=${host}" - else - debug "cassandra-env.sh mounted. Skipping setting server hostname" - fi -} - -######################## -# Configure java path (ignored if cassandra-env.sh is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_java() { - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "(calculate_heap_sizes\(\))" "\nJAVA_HOME=$JAVA_BASE_DIR\nJAVA=$JAVA_BIN_DIR/java\n\n\1" - else - debug "cassandra-env.sh mounted. Skipping JAVA_HOME configuration" - fi -} - -######################## -# Configure jemalloc path (ignored if cassandra-env.sh is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_jemalloc() { - if ! cassandra_is_file_external "cassandra-env.sh"; then - if [[ -n "$(find_jemalloc_lib)" ]]; then - echo "JVM_OPTS=\"\$JVM_OPTS -Dcassandra.libjemalloc=$(find_jemalloc_lib)\"" >>"${CASSANDRA_CONF_DIR}/cassandra-env.sh" - else - warn "Couldn't find jemalloc installed. Skipping jemalloc configuration." - fi - else - debug "cassandra-env.sh mounted. Skipping jemalloc configuration." - fi -} - -######################## -# Change the password for the cassandra user -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - Old password (default: cassandra) -# 2 - New Password (default: $CASSANDRA_PASSWORD) -# 3 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 4 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_change_cassandra_password() { - local -r old_password="${1:-cassandra}" - local -r new_password="${2:-$CASSANDRA_PASSWORD}" - local -r retries="${3:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${4:-$CASSANDRA_CQL_SLEEP_TIME}" - - info 'Updating the password for the "cassandra" user...' - local -r user="cassandra" - local -r escaped_password="${new_password//\'/\'\'}" - - if (echo "ALTER USER cassandra WITH PASSWORD \$\$${escaped_password}\$\$;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$user" "$old_password"); then - debug "ALTER USER command executed. Trying to log in" - wait_for_cql_access "$user" "$new_password" "" "$retries" "$sleep_time" - info "Password updated successfully" - fi -} - -######################## -# Create a new admin user -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - New username (default: $CASSANDRA_USER) -# 2 - New user password (default: $CASSANDRA_PASSWORD) -# 3 - Admin username (which will create the new user) (default: cassandra) -# 4 - Admin password (default: cassandra) -# 5 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 6 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_create_admin_user() { - local -r new_user="${1:-$CASSANDRA_USER}" - local -r password="${2:-$CASSANDRA_PASSWORD}" - local -r admin_user="${3:-cassandra}" - local -r admin_user_password="${4:-cassandra}" - local -r retries="${5:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${6:-$CASSANDRA_CQL_SLEEP_TIME}" - - info "Creating super-user $new_user" - local -r escaped_password="${password//\'/\'\'}" - - echo "CREATE USER '${new_user}' WITH PASSWORD \$\$${escaped_password}\$\$ SUPERUSER;" | cassandra_execute_with_retries "$retries" "$sleep_time" "$admin_user" "$admin_user_password" -} - -######################## -# Configure port binding (modifies cassandra.yaml and cassandra-env.sh if not mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_ports() { - if ! cassandra_is_file_external "cassandra.yaml"; then - cassandra_yaml_set "native_transport_port" "$CASSANDRA_CQL_PORT_NUMBER" "no" - cassandra_yaml_set "storage_port" "$CASSANDRA_TRANSPORT_PORT_NUMBER" "no" - else - debug "cassandra.yaml mounted. Skipping native and storage ports configuration" - fi - - if ! cassandra_is_file_external "cassandra-env.sh"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "JMX_PORT=.*" "JMX_PORT=$CASSANDRA_JMX_PORT_NUMBER" - else - debug "cassandra-env.sh mounted. Skipping JMX port configuration" - fi -} - -######################## -# Configure rack and datacenter (ignored if cassandra-rackdc.properties is mounted) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_rack_dc() { - if ! cassandra_is_file_external "cassandra-rackdc.properties"; then - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "dc=.*" "dc=${CASSANDRA_DATACENTER}" - replace_in_file "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "rack=.*" "rack=${CASSANDRA_RACK}" - else - debug "cassandra-rackdc.properties mounted. Skipping rack and datacenter configuration" - fi -} - -######################## -# Remove PIDs, log files and conf files from a previous run (case of container restart) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_clean_from_restart() { - rm -f "$CASSANDRA_PID_FILE" - rm -f "$CASSANDRA_FIRST_BOOT_LOG_FILE" "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - if ! is_dir_empty "$CASSANDRA_CONF_DIR"; then - rm -rf "${CASSANDRA_CONF_DIR:?}"/* - fi -} - -######################## -# Generate the client configurartion if ssl is configured in the server -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_client_ssl() { - info "Configuring client for SSL" - - # The key is store in a jks keystore and needs to be converted to pks12 to be extracted - keytool -importkeystore -srckeystore "${CASSANDRA_KEYSTORE_LOCATION}" \ - -destkeystore "${CASSANDRA_TMP_P12_FILE}" \ - -deststoretype PKCS12 \ - -srcstorepass "${CASSANDRA_KEYSTORE_PASSWORD}" \ - -deststorepass "${CASSANDRA_KEYSTORE_PASSWORD}" - - openssl pkcs12 -in "${CASSANDRA_TMP_P12_FILE}" -nokeys \ - -out "${CASSANDRA_SSL_CERT_FILE}" -passin pass:"${CASSANDRA_KEYSTORE_PASSWORD}" - rm "${CASSANDRA_TMP_P12_FILE}" -} - -######################## -# Ensure Cassandra is initialized -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_initialize() { - info "Initializing Cassandra database..." - - cassandra_clean_from_restart - cassandra_copy_mounted_config - cassandra_copy_default_config - cassandra_enable_auth - cassandra_setup_java - cassandra_setup_jemalloc - cassandra_setup_logging - cassandra_setup_ports - cassandra_setup_rack_dc - cassandra_setup_data_dirs - cassandra_setup_cluster - cassandra_setup_from_environment_variables # Give priority to users configuration - - is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" && cassandra_setup_client_ssl - - debug "Ensuring expected directories/files exist..." - for dir in "$CASSANDRA_DATA_DIR" "$CASSANDRA_TMP_DIR" "$CASSANDRA_LOG_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$CASSANDRA_DAEMON_USER:$CASSANDRA_DAEMON_GROUP" "$dir" - done - - if ! is_dir_empty "$CASSANDRA_DATA_DIR"; then - info "Deploying Cassandra with persisted data" - else - info "Deploying Cassandra from scratch" - cassandra_start_bg "$CASSANDRA_FIRST_BOOT_LOG_FILE" - if is_boolean_yes "$CASSANDRA_PASSWORD_SEEDER"; then - info "Password seeder node" - # Check that all peers are ready - for peer in ${CASSANDRA_PEERS//,/ }; do - wait_for_cql_access "cassandra" "cassandra" "$peer" "$CASSANDRA_PEER_CQL_MAX_RETRIES" "$CASSANDRA_PEER_CQL_SLEEP_TIME" - done - # Setup user - if [[ "$CASSANDRA_USER" = "cassandra" ]]; then - cassandra_change_cassandra_password "cassandra" "$CASSANDRA_PASSWORD" "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" - else - cassandra_create_admin_user "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" "cassandra" "cassandra" "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" - fi - - cassandra_execute_startup_cql - else - info "Non-seeder node. Waiting for synchronization" - wait_for_cql_access "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" "" "$CASSANDRA_PEER_CQL_MAX_RETRIES" "$CASSANDRA_PEER_CQL_SLEEP_TIME" - fi - fi -} - -######################## -# Execute Cassandra startup cql (defined in CASSANDRA_STARTUP_CQL) -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_execute_startup_cql() { - if [[ -n "$CASSANDRA_STARTUP_CQL" ]]; then - info "Executing Startup CQL" - if ! (echo "$CASSANDRA_STARTUP_CQL" | cassandra_execute_with_retries "$CASSANDRA_CQL_MAX_RETRIES" "$CASSANDRA_CQL_SLEEP_TIME" "$CASSANDRA_USER" "$CASSANDRA_PASSWORD"); then - error "Failed executing startup CQL command" - exit 1 - fi - info "Startup CQL commands executed successfully" - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_custom_init_scripts() { - if [[ -n "$(find "$CASSANDRA_INITSCRIPTS_DIR/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*")" ]] && [[ ! -f "$CASSANDRA_VOLUME_DIR/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $CASSANDRA_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - if ! is_cassandra_running; then - cassandra_start_bg "$CASSANDRA_INITSCRIPTS_BOOT_LOG_FILE" - wait_for_cql_access - fi - find "${CASSANDRA_INITSCRIPTS_DIR}/" \( -type f -o -type l \) -regex ".*\.\(sh\|cql\|cql.gz\)" ! -path "*/.*/*" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *.cql) - debug "Executing $f" - cassandra_execute "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" <"$f" - ;; - *.cql.gz) - debug "Executing $f" - gunzip -c "$f" | cassandra_execute "$CASSANDRA_USER" "$CASSANDRA_PASSWORD" - ;; - *) debug "Ignoring $f" ;; - esac - done <$tmp_file - rm -f "$tmp_file" - touch "$CASSANDRA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Execute an arbitrary query/queries against the running Cassandra service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - User to run queries -# $2 - Password -# $3 - Keyspace -# $4 - Host (default: localhost) -# $5 - Extra flags -# Returns: -# None -####################### -cassandra_execute() { - local -r user="${1:-$CASSANDRA_USER}" - local -r pass="${2:-$CASSANDRA_PASSWORD}" - local -r keyspace="${3:-}" - local -r host="${4:-localhost}" - local -r extra_args="${5:-}" - local -r port="${CASSANDRA_CQL_PORT_NUMBER}" - local -r cmd=("${CASSANDRA_BIN_DIR}/cqlsh") - local args=("-u" "$user" "-p" "$pass") - - is_boolean_yes "$CASSANDRA_CLIENT_ENCRYPTION" && args+=("--ssl") - [[ -n "$keyspace" ]] && args+=("-k" "$keyspace") - if [[ -n "$extra_args" ]]; then - local extra_args_array=() - read -r -a extra_args_array <<<"$extra_args" - [[ "${#extra_args[@]}" -gt 0 ]] && args+=("${extra_args_array[@]}") - fi - args+=("$host") - args+=("$port") - if [[ "${BITNAMI_DEBUG}" = true ]]; then - local -r command="$(cat)" - debug "Executing CQL \"$command\"" - echo "$command" | "${cmd[@]}" "${args[@]}" - else - "${cmd[@]}" "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against the running Cassandra service with retries (in case Cassandra is still initializing or performing consistency operations) -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# $2 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# $3 - User to run queries -# $4 - Password -# $5 - Keyspace -# $6 - Host (default: localhost) -# $7 - Extra flags -# Returns: -# None -####################### -cassandra_execute_with_retries() { - local -r retries="${1:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${2:-$CASSANDRA_CQL_SLEEP_TIME}" - local -r user="${3:-$CASSANDRA_USER}" - local -r pass="${4:-$CASSANDRA_PASSWORD}" - local -r keyspace="${5:-}" - local -r host="${6:-localhost}" - local -r extra_args="${7:-}" - - local success=no - - # Get command from stdin as we will retry it several times - local -r command="$(cat)" - - for i in $(seq 1 "$retries"); do - if (echo "$command" | cassandra_execute "$user" "$pass" "$keyspace" "$host" "$extra_args"); then - success=yes - break - fi - sleep "$sleep_time" - done - if is_boolean_yes "$success"; then - true - else - error "CQL command failed $retries times" - false - fi -} - -######################## -# Wait until nodetool checks the node is ready -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $2 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_nodetool_up() { - local -r retries="${1:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${2:-$CASSANDRA_INIT_SLEEP_TIME}" - - debug "Checking status with nodetool" - - check_function_nodetool_node_ip() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - local -r check_cmd=("${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") - local -r check_args=("status" "--port" "$CASSANDRA_JMX_PORT_NUMBER") - local -r machine_ip="$(dns_lookup "${CASSANDRA_BROADCAST_ADDRESS:-$CASSANDRA_HOST}" "v4")" - local -r check_regex="UN\s*(${CASSANDRA_HOST}|${machine_ip}|127.0.0.1)" - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - - "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" - } - - check_function_nodetool_node_count() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - local -r check_cmd=("${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy") - local -r check_args=("status" "--port" "$CASSANDRA_JMX_PORT_NUMBER") - local -r machine_ip="$(dns_lookup "${CASSANDRA_BROADCAST_ADDRESS:-$CASSANDRA_HOST}" "v4")" - local -r check_regex="UN\s*" - read -r -a host_list <<<"$(tr ',;' ' ' <<<"$CASSANDRA_NODES")" - local -r expected_node_count="${#host_list[@]}" - local actual_node_count - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - - actual_node_count=$("${check_cmd[@]}" "${check_args[@]}" | grep -c "${check_regex}" || true) - if [[ "$expected_node_count" != "$actual_node_count" ]]; then - false - fi - } - - if retry_while check_function_nodetool_node_ip "$retries" "$sleep_time"; then - info "Nodetool reported the successful startup of Cassandra" - true - else - error "Cassandra failed to start up" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Nodetool output" - "${check_cmd[@]}" "${check_args[@]}" - fi - exit 1 - fi - - if [[ -n "$CASSANDRA_NODES" ]]; then - if retry_while check_function_nodetool_node_count "$retries" "$sleep_time"; then - info "All nodes reached the UN status (Up/Normal)" - true - else - error "Some nodes did not reach the UN status (Up/Normal)" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Nodetool output" - "${check_cmd[@]}" "${check_args[@]}" - fi - exit 1 - fi - fi -} - -######################## -# Wait until the log file shows that CQL is ready -# Globals: -# BITNAMI_DEBUG -# CASSANDRA_* -# Arguments: -# $1 - Log file to check -# $1 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $2 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_cql_log_entry() { - local -r logger="${1:-/dev/stdout}" - local -r retries="${2:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${3:-$CASSANDRA_INIT_SLEEP_TIME}" - - debug "Checking that log $logger contains entry \"Starting listening for CQL clients\"" - - check_function_log_entry() { - local -r check_cmd=("cat") - local -r check_args=("$logger") - local -r check_regex="Starting listening for CQL clients" - - local output="/dev/null" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - output="/dev/stdout" - fi - "${check_cmd[@]}" "${check_args[@]}" | grep -E "${check_regex}" >"${output}" - } - - if retry_while check_function_log_entry "$retries" "$sleep_time"; then - info "Found CQL startup log line" - else - error "Cassandra failed to start up" - if [[ "$BITNAMI_DEBUG" = "true" ]]; then - error "Log content" - cat "$logger" - fi - exit 1 - fi -} - -######################## -# Poll until the CQL command DESCRIBE KEYSPACES works successfully -# Globals: -# CASSANDRA_* -# Arguments: -# 1 - Username (default: $CASSANDRA_USER) -# 2 - Password (default: $CASSANDRA_PASSWORD) -# 3 - Hostname (default: $CASSANDRA_HOST) -# 4 - Maximum number of retries (default: $CASSANDRA_CQL_MAX_RETRIES) -# 5 - Sleep time between retries (default: $CASSANDRA_CQL_SLEEP_TIME) -# Returns: -# None -######################### -wait_for_cql_access() { - local -r user="${1:-$CASSANDRA_USER}" - local -r password="${2:-$CASSANDRA_PASSWORD}" - local -r host="${3:-$CASSANDRA_HOST}" - local -r max_retries="${4:-$CASSANDRA_CQL_MAX_RETRIES}" - local -r sleep_time="${5:-$CASSANDRA_CQL_SLEEP_TIME}" - - info "Trying to access CQL server @ $host" - if (echo "DESCRIBE KEYSPACES" | cassandra_execute_with_retries "$max_retries" "$sleep_time" "$user" "$password" "" "$host"); then - info "Accessed CQL server successfully" - else - error "Could not access CQL server" - exit 1 - fi -} - -######################## -# Start Cassandra and wait until it is ready -# Globals: -# CASSANDRA_* -# Arguments: -# $1 - Log file to write (default /dev/stdout) -# $2 - Maximum number of retries (default $CASSANDRA_INIT_MAX_RETRIES) -# $3 - Sleep time during retries (default $CASSANDRA_INIT_SLEEP_TIME) -# Returns: -# None -######################### -cassandra_start_bg() { - local -r logger="${1:-/dev/stdout}" - local -r retries="${2:-$CASSANDRA_INIT_MAX_RETRIES}" - local -r sleep_time="${3:-$CASSANDRA_INIT_SLEEP_TIME}" - - info "Starting Cassandra" - local -r cmd=("$CASSANDRA_BIN_DIR/cassandra") - local -r args=("-p" "$CASSANDRA_PID_FILE" "-R" "-f") - - if am_i_root; then - run_as_user "$CASSANDRA_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$logger" 2>&1 & - fi - - # Even though we set the pid, cassandra is not creating the proper file, so we create it manually - echo $! >"$CASSANDRA_PID_FILE" - - info "Checking that it started up correctly" - - if [[ "$logger" != "/dev/stdout" ]]; then - am_i_root && chown "$CASSANDRA_DAEMON_USER":"$CASSANDRA_DAEMON_GROUP" "$logger" - wait_for_cql_log_entry "$logger" "$retries" "$sleep_time" - fi - wait_for_nodetool_up "$retries" "$sleep_time" -} - -######################## -# Stop Cassandra -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_stop() { - ! is_cassandra_running && return - info "Stopping Cassandra..." - stop_cassandra() { - # Using legacy RMI URL parsing to avoid URISyntaxException: 'Malformed IPv6 address at index 7: rmi://[127.0.0.1]:7199' error - # https://community.datastax.com/questions/13764/java-version-for-cassandra-3113.html - "${CASSANDRA_BIN_DIR}/nodetool" "-Dcom.sun.jndi.rmiURLParsing=legacy" stopdaemon - is_cassandra_not_running - } - - if ! retry_while "stop_cassandra" "$CASSANDRA_INIT_MAX_RETRIES" "$CASSANDRA_INIT_SLEEP_TIME"; then - error "Cassandra failed to stop" - exit 1 - fi - # Manually remove PID file - rm -f "$CASSANDRA_PID_FILE" -} - -######################## -# Check if Cassandra is running -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_cassandra_running() { - local -r pid="$(get_pid_from_file "$CASSANDRA_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Return true if cassandra is not running -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -is_cassandra_not_running() { - ! is_cassandra_running -} - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -cassandra_common_conf_set() { - local -r file="${1:?missing file}" - local -r key="${2:?missing key}" - shift 2 - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - cassandra_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Set a configuration setting value to cassandra-env.sh -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_env_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/cassandra-env.sh" "$@" -} - -######################## -# Set a configuration setting value to cassandra-rackdc.properties -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_rackdc_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/cassandra-rackdc.properties" "$@" -} - -######################## -# Set a configuration setting value to commitlog_archiving.properties -# Globals: -# CASSANDRA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -cassandra_commitlog_conf_set() { - cassandra_common_conf_set "${CASSANDRA_CONF_DIR}/commitlog_archiving.properties" "$@" -} - -######################## -# Configure Cassandra configuration files from environment variables -# Globals: -# CASSANDRA_* -# Arguments: -# None -# Returns: -# None -######################### -cassandra_setup_from_environment_variables() { - # Map environment variables to config properties for cassandra-env.sh - for var in "${!CASSANDRA_CFG_ENV_@}"; do - # shellcheck disable=SC2001 - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_ENV_//g')" - value="${!var}" - cassandra_env_conf_set "$key" "$value" - done - # Map environment variables to config properties for cassandra-rackdc.properties - for var in "${!CASSANDRA_CFG_RACKDC_@}"; do - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_RACKDC_//g' | tr '[:upper:]' '[:lower:]')" - value="${!var}" - cassandra_rackdc_conf_set "$key" "$value" - done - # Map environment variables to config properties for commitlog_archiving.properties - for var in "${!CASSANDRA_CFG_COMMITLOG_@}"; do - key="$(echo "$var" | sed -e 's/^CASSANDRA_CFG_COMMITLOG_//g' | tr '[:upper:]' '[:lower:]')" - value="${!var}" - cassandra_commitlog_conf_set "$key" "$value" - done -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=("/usr/lib" "/usr/lib64") - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} diff --git a/bitnami/cassandra/4.1/debian-11/tags-info.yaml b/bitnami/cassandra/4.1/debian-11/tags-info.yaml deleted file mode 100644 index 8a9623945e59..000000000000 --- a/bitnami/cassandra/4.1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4.1" -- 4.1-debian-11 -- 4.1.4 -- latest diff --git a/bitnami/cert-manager-webhook/1/debian-11/Dockerfile b/bitnami/cert-manager-webhook/1/debian-11/Dockerfile deleted file mode 100644 index 52673ea7e05a..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:34:09Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.14.2-debian-11-r19" \ - org.opencontainers.image.title="cert-manager-webhook" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.14.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "cert-manager-webhook-1.14.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.14.2" \ - BITNAMI_APP_NAME="cert-manager-webhook" \ - PATH="/opt/bitnami/cert-manager-webhook/bin:$PATH" - -WORKDIR /opt/bitnami/cert-manager-webhook -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cert-manager-webhook/bin/cert-manager-webhook" ] diff --git a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c59453923016..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cert-manager-webhook": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.14.2-1" - } -} \ No newline at end of file diff --git a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cert-manager-webhook/1/debian-11/tags-info.yaml b/bitnami/cert-manager-webhook/1/debian-11/tags-info.yaml deleted file mode 100644 index 0df37b435b01..000000000000 --- a/bitnami/cert-manager-webhook/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.14.2 -- latest diff --git a/bitnami/cert-manager/1/debian-11/Dockerfile b/bitnami/cert-manager/1/debian-11/Dockerfile deleted file mode 100644 index 9786e5dd9992..000000000000 --- a/bitnami/cert-manager/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:43:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.14.2-debian-11-r19" \ - org.opencontainers.image.title="cert-manager" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.14.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "cert-manager-1.14.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.14.2" \ - BITNAMI_APP_NAME="cert-manager" \ - PATH="/opt/bitnami/cert-manager/bin:$PATH" - -WORKDIR /opt/bitnami/cert-manager -USER 1001 -ENTRYPOINT [ "/opt/bitnami/cert-manager/bin/cert-manager" ] diff --git a/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index cc0fa50d0228..000000000000 --- a/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cert-manager": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.14.2-1" - } -} \ No newline at end of file diff --git a/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cert-manager/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cert-manager/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cert-manager/1/debian-11/tags-info.yaml b/bitnami/cert-manager/1/debian-11/tags-info.yaml deleted file mode 100644 index 0df37b435b01..000000000000 --- a/bitnami/cert-manager/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.14.2 -- latest diff --git a/bitnami/clickhouse/23.3/debian-11/Dockerfile b/bitnami/clickhouse/23.3/debian-11/Dockerfile deleted file mode 100644 index 4bbec3430d9e..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:46:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="23.3.19-debian-11-r25" \ - org.opencontainers.image.title="clickhouse" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="23.3.19" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps xmlstarlet -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "clickhouse-23.3.19-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/clickhouse/postunpack.sh -ENV APP_VERSION="23.3.19" \ - BITNAMI_APP_NAME="clickhouse" \ - PATH="/opt/bitnami/clickhouse/bin:/opt/bitnami/common/bin:$PATH" \ - clickhouseCTL_API="3" - -EXPOSE 8123 9000 9004 9005 9009 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/clickhouse/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/clickhouse/run.sh", "--", "--listen_host=0.0.0.0" ] diff --git a/bitnami/clickhouse/23.3/debian-11/docker-compose.yml b/bitnami/clickhouse/23.3/debian-11/docker-compose.yml deleted file mode 100644 index bffef93d6252..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - clickhouse: - image: docker.io/bitnami/clickhouse:23.3 - environment: - - ALLOW_EMPTY_PASSWORD=yes - ports: - - '8123:8123' - volumes: - - clickhouse_data:/bitnami/clickhouse -volumes: - clickhouse_data: - driver: local diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 84876451e502..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "clickhouse": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "23.3.19-2" - } -} \ No newline at end of file diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh deleted file mode 100644 index 4d8154d88637..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for clickhouse - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-clickhouse}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -clickhouse_env_vars=( - ALLOW_EMPTY_PASSWORD - CLICKHOUSE_ADMIN_USER - CLICKHOUSE_ADMIN_PASSWORD - CLICKHOUSE_HTTP_PORT - CLICKHOUSE_TCP_PORT - CLICKHOUSE_MYSQL_PORT - CLICKHOUSE_POSTGRESQL_PORT - CLICKHOUSE_INTERSERVER_HTTP_PORT - CLICKHOUSE_USER - CLICKHOUSE_PASSWORD -) -for env_var in "${clickhouse_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset clickhouse_env_vars - -# Paths -export CLICKHOUSE_BASE_DIR="${BITNAMI_ROOT_DIR}/clickhouse" -export CLICKHOUSE_VOLUME_DIR="/bitnami/clickhouse" -export CLICKHOUSE_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc" -export CLICKHOUSE_DEFAULT_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc.default" -export CLICKHOUSE_MOUNTED_CONF_DIR="${CLICKHOUSE_VOLUME_DIR}/etc" -export CLICKHOUSE_DATA_DIR="${CLICKHOUSE_VOLUME_DIR}/data" -export CLICKHOUSE_LOG_DIR="${CLICKHOUSE_BASE_DIR}/logs" -export CLICKHOUSE_CONF_FILE="${CLICKHOUSE_CONF_DIR}/config.xml" -export CLICKHOUSE_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse.log" -export CLICKHOUSE_ERROR_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse_error.log" -export CLICKHOUSE_TMP_DIR="${CLICKHOUSE_BASE_DIR}/tmp" -export CLICKHOUSE_PID_FILE="${CLICKHOUSE_TMP_DIR}/clickhouse.pid" -export CLICKHOUSE_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# ClickHouse configuration parameters -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-"${CLICKHOUSE_USER:-}"}" -export CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-default}" -CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-"${CLICKHOUSE_PASSWORD:-}"}" -export CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-}" -export CLICKHOUSE_HTTP_PORT="${CLICKHOUSE_HTTP_PORT:-8123}" -export CLICKHOUSE_TCP_PORT="${CLICKHOUSE_TCP_PORT:-9000}" -export CLICKHOUSE_MYSQL_PORT="${CLICKHOUSE_MYSQL_PORT:-9004}" -export CLICKHOUSE_POSTGRESQL_PORT="${CLICKHOUSE_POSTGRESQL_PORT:-9005}" -export CLICKHOUSE_INTERSERVER_HTTP_PORT="${CLICKHOUSE_INTERSERVER_HTTP_PORT:-9009}" - -# ClickHouse system parameters -export CLICKHOUSE_DAEMON_USER="clickhouse" -export CLICKHOUSE_DAEMON_GROUP="clickhouse" -export PATH="${CLICKHOUSE_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/common/bin:$PATH" - -# Custom environment variables may be defined below diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh deleted file mode 100755 index bdfeae779b2b..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/clickhouse/etc) -debug "Copying files from $CLICKHOUSE_DEFAULT_CONF_DIR to $CLICKHOUSE_CONF_DIR" -cp -nr "$CLICKHOUSE_DEFAULT_CONF_DIR"/. "$CLICKHOUSE_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/clickhouse/run.sh" ]]; then - info "** Starting ClickHouse setup **" - /opt/bitnami/scripts/clickhouse/setup.sh - info "** ClickHouse setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh deleted file mode 100755 index c097a84005ea..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -# System User -ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" --system - -# Create directories -for dir in "$CLICKHOUSE_DATA_DIR" "$CLICKHOUSE_CONF_DIR" "${CLICKHOUSE_CONF_DIR}/conf.d" "${CLICKHOUSE_CONF_DIR}/users.d" "$CLICKHOUSE_DEFAULT_CONF_DIR" "$CLICKHOUSE_LOG_DIR" "$CLICKHOUSE_TMP_DIR" "$CLICKHOUSE_MOUNTED_CONF_DIR" "/docker-entrypoint-startdb.d" "/docker-entrypoint-initdb.d"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$CLICKHOUSE_DAEMON_USER" -g "root" -done - -# Set default settings in the configuration file - -# Delete default cluster configurations (it contains example configurations that adds noise) and add an empty one -xmlstarlet ed -L -d "/clickhouse/remote_servers" "$CLICKHOUSE_CONF_FILE" - -# Set paths -clickhouse_conf_set "/clickhouse/path" "$CLICKHOUSE_DATA_DIR" -clickhouse_conf_set "/clickhouse/logger/log" "$CLICKHOUSE_LOG_FILE" -clickhouse_conf_set "/clickhouse/logger/errorlog" "$CLICKHOUSE_ERROR_LOG_FILE" - -# ClickHouse allow making settings point to environment variables. This change -# will simplify the container logic substantially because we won't need to modify -# the xml files at runtime -# Source: https://clickhouse.com/docs/en/operations/server-configuration-parameters/settings/ -env_vars_mapping=( - "http_port=CLICKHOUSE_HTTP_PORT" - "tcp_port=CLICKHOUSE_TCP_PORT" - "mysql_port=CLICKHOUSE_MYSQL_PORT" - "postgresql_port=CLICKHOUSE_POSTGRESQL_PORT" - "interserver_http_port=CLICKHOUSE_INTERSERVER_HTTP_PORT" -) - -for pair in "${env_vars_mapping[@]}"; do - setting="${pair%=*}" - env_var="${pair#*=}" - # Delete the existing node - xmlstarlet ed -L -d "/clickhouse/${setting}" "$CLICKHOUSE_CONF_FILE" - # Recreate the node so it has the following structure - # - clickhouse_conf_set "/clickhouse/${setting}" - xmlstarlet ed -L --insert "/clickhouse/${setting}" -type attr -n "from_env" -v "${env_var}" "$CLICKHOUSE_CONF_FILE" -done - -# Set default password to point to the CLICKHOUSE_ADMIN_PASSWORD variable -xmlstarlet ed -L --insert "/clickhouse/users/default/password" -type attr -n "from_env" -v "CLICKHOUSE_ADMIN_PASSWORD" "${CLICKHOUSE_CONF_DIR}/users.xml" - -# Add symlinks to the default paths to make a similar UX as the upstream ClickHouse configuration -# https://github.com/ClickHouse/ClickHouse/blob/master/programs/server/config.xml -ln -s "$CLICKHOUSE_DATA_DIR" "/var/lib/clickhouse" -ln -s "$CLICKHOUSE_CONF_DIR" "/etc/clickhouse-server" -ln -s "$CLICKHOUSE_LOG_DIR" "/var/log/clickhouse-server" -ln -s "$CLICKHOUSE_TMP_DIR" "/var/lib/clickhouse/tmp" - -ln -s /dev/stdout "$CLICKHOUSE_LOG_FILE" -ln -s /dev/stderr "$CLICKHOUSE_ERROR_LOG_FILE" - -touch /.clickhouse-client-history -chmod g+rw /.clickhouse-client-history - -# Set logging to console -xmlstarlet ed -L -d "/clickhouse/logger/log" "$CLICKHOUSE_CONF_FILE" -xmlstarlet ed -L -d "/clickhouse/logger/errorlog" "$CLICKHOUSE_CONF_FILE" -clickhouse_conf_set "/clickhouse/logger/console" "1" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${CLICKHOUSE_CONF_DIR}/"* "$CLICKHOUSE_DEFAULT_CONF_DIR" \ No newline at end of file diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh deleted file mode 100755 index be327f2bdc28..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -declare -a cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") -declare -a args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}") -args+=("$@") - -info "** Starting ClickHouse **" -if am_i_root; then - exec_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh deleted file mode 100755 index 89328840b4f7..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment settings -. /opt/bitnami/scripts/clickhouse-env.sh - -# Ensure ClickHouse environment settings are valid -clickhouse_validate -# Ensure ClickHouse is stopped when this script ends. -trap "clickhouse_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" -# Ensure is initialized -clickhouse_initialize -# Allow running custom initialization scripts -clickhouse_custom_scripts 'init' -# Allow running custom start scripts -clickhouse_custom_scripts 'start' -# Stop ClickHouse before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -clickhouse_stop diff --git a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh b/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh deleted file mode 100644 index 851811ba771c..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh +++ /dev/null @@ -1,284 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami ClickHouse library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in CLICKHOUSE_* env vars -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -clickhouse_validate() { - debug "Validating settings in CLICKHOUSE_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - ! is_empty_value "$CLICKHOUSE_HTTP_PORT" && check_valid_port "CLICKHOUSE_HTTP_PORT" - ! is_empty_value "$CLICKHOUSE_TCP_PORT" && check_valid_port "CLICKHOUSE_TCP_PORT" - ! is_empty_value "$CLICKHOUSE_MYSQL_PORT" && check_valid_port "CLICKHOUSE_MYSQL_PORT" - ! is_empty_value "$CLICKHOUSE_POSTGRESQL_PORT" && check_valid_port "CLICKHOUSE_POSTGRESQL_PORT" - ! is_empty_value "$CLICKHOUSE_INTERSERVER_HTTP_PORT" && check_valid_port "CLICKHOUSE_INTERSERVER_HTTP_PORT" - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - elif is_empty_value "$CLICKHOUSE_ADMIN_PASSWORD"; then - print_validation_error "The CLICKHOUSE_ADMIN_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - - return "$error_code" -} - -######################## -# Copy configuration from the mounted folder to the etc folder -# In charts mounting directly in the configuration folder would not -# allow the use of multiple ConfigMaps and Secrets -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_copy_mounted_configuration() { - if [[ -w "$CLICKHOUSE_CONF_DIR" ]]; then - if ! is_mounted_dir_empty "$CLICKHOUSE_MOUNTED_CONF_DIR"; then - info "Copying mounted configuration from $CLICKHOUSE_MOUNTED_CONF_DIR" - # Copy first the files at the base of the mounted folder to go to ClickHouse - # base etc folder - find "$CLICKHOUSE_MOUNTED_CONF_DIR" -maxdepth 1 \( -type f -o -type l \) -exec cp -L {} "$CLICKHOUSE_CONF_DIR" \; - - # The ClickHouse override directories (etc/conf.d and etc/users.d) do not support subfolders. That means we cannot - # copy directly with cp -RL because we need all override xml files to have at the root of these subfolders. In the helm - # chart we want to allow overrides from different ConfigMaps and Secrets so we need to use the find command - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/conf.d" \; - fi - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/users.d" \; - fi - fi - else - warn "The folder $CLICKHOUSE_CONF_DIR is not writable. This is likely because a read-only filesystem was mounted in that folder. Using $CLICKHOUSE_MOUNTED_DIR is recommended" - fi -} - -######################## -# Add or modify an entry in the ClickHouse configuration file -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - XPath expression -# $2 - Value to assign to the variable -# $3 - Configuration file -# Returns: -# None -######################### -clickhouse_conf_set() { - local -r xpath="${1:?key missing}" - # We allow empty values - local -r value="${2:-}" - local -r config_file="${3:-$CLICKHOUSE_CONF_FILE}" - debug "Setting ${xpath} to '${value}' in ClickHouse configuration file $config_file" - # Check if the entry exists in the XML file - if xmlstarlet --quiet sel -t -v "$xpath" "$config_file"; then - # Base case - # It exists, so replace the entry - if ! is_empty_value "$value"; then - xmlstarlet ed -L -u "$xpath" -v "$value" "$config_file" - fi - else - # It does not exist, so add the subnode - local -r parentNode="$(dirname "$xpath")" - local -r newNode="$(basename "$xpath")" - # Recursive call to add parent nodes - clickhouse_conf_set "$parentNode" - if is_empty_value "$value"; then - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" "$config_file" - else - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" -v "$value" "$config_file" - fi - fi -} - -######################## -# Check if ClickHouse daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_running() { - pid="$(get_pid_from_file "$CLICKHOUSE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if ClickHouse daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_not_running() { - ! is_clickhouse_running -} - -######################## -# Stop ClickHouse daemons -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_stop() { - ! is_clickhouse_running && return - stop_service_using_pid "$CLICKHOUSE_PID_FILE" -} - -######################## -# Initialize ClickHouse -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_initialize() { - # Logic based on the upstream ClickHouse container - # For the container itself we keep the logic simple. In the helm chart we rely on the mounting of configuration files with overrides - # Source: https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/entrypoint.sh - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "$CLICKHOUSE_PID_FILE" - - clickhouse_copy_mounted_configuration - if [[ "$CLICKHOUSE_ADMIN_USER" != "default" ]]; then - # If we need to set an admin user different from default, we create a configuration override - local -r admin_user_override="${CLICKHOUSE_CONF_DIR}/users.d/__bitnami_default_user.xml" - cat <"${admin_user_override}" - - - - - - - - <${CLICKHOUSE_ADMIN_USER}> - default - - - ::/0 - - default - 1 - - - -EOF - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Start ClickHouse daemon -# Arguments: -# $1 - Log file to check the startup message -# Returns: -# None -######################### -clickhouse_start_bg() { - local -r log_file="${1:-$CLICKHOUSE_LOG_FILE}" - info "Starting ClickHouse in background" - is_clickhouse_running && return - # This function is meant to be called for internal operations like the init scripts - local -r cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") - local -r args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}" "--" "--listen_host=127.0.0.1") - if am_i_root; then - run_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - fi - if ! retry_while is_clickhouse_running; then - error "ClickHouse failed to start" - exit 1 - fi - wait_for_log_entry "Application: Ready for connections" "$log_file" - info "ClickHouse started successfully" -} - -######################## -# Run custom scripts -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - 'init' or 'start' ('init' runs on first container start, 'start' runs everytime the container starts) -# Returns: -# None -######################### -clickhouse_custom_scripts() { - if [[ -n $(find /docker-entrypoint-"$1"db.d/ -type f -regex ".*\.sh") ]] && { [[ ! -f "$CLICKHOUSE_DATA_DIR/.user_scripts_initialized" ]] || [[ $1 == start ]]; }; then - clickhouse_start_bg "$CLICKHOUSE_LOG_DIR/clickhouse_init_scripts.log" - info "Loading user's custom files from /docker-entrypoint-$1db.d" - for f in /docker-entrypoint-"$1"db.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "${CLICKHOUSE_DATA_DIR}/.user_scripts_initialized" - fi -} diff --git a/bitnami/clickhouse/23.3/debian-11/tags-info.yaml b/bitnami/clickhouse/23.3/debian-11/tags-info.yaml deleted file mode 100644 index 907670174121..000000000000 --- a/bitnami/clickhouse/23.3/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "23.3" -- 23.3-debian-11 -- 23.3.19 diff --git a/bitnami/clickhouse/23.8/debian-11/Dockerfile b/bitnami/clickhouse/23.8/debian-11/Dockerfile deleted file mode 100644 index cc445a7bf9e7..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:48:56Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="23.8.9-debian-11-r25" \ - org.opencontainers.image.title="clickhouse" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="23.8.9" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps xmlstarlet -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "clickhouse-23.8.9-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/clickhouse/postunpack.sh -ENV APP_VERSION="23.8.9" \ - BITNAMI_APP_NAME="clickhouse" \ - PATH="/opt/bitnami/clickhouse/bin:/opt/bitnami/common/bin:$PATH" \ - clickhouseCTL_API="3" - -EXPOSE 8123 9000 9004 9005 9009 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/clickhouse/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/clickhouse/run.sh", "--", "--listen_host=0.0.0.0" ] diff --git a/bitnami/clickhouse/23.8/debian-11/docker-compose.yml b/bitnami/clickhouse/23.8/debian-11/docker-compose.yml deleted file mode 100644 index 5b0f2b3be77c..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - clickhouse: - image: docker.io/bitnami/clickhouse:23.8 - environment: - - ALLOW_EMPTY_PASSWORD=yes - ports: - - '8123:8123' - volumes: - - clickhouse_data:/bitnami/clickhouse -volumes: - clickhouse_data: - driver: local diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 78e36850f262..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "clickhouse": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "23.8.9-2" - } -} \ No newline at end of file diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh deleted file mode 100644 index 4d8154d88637..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for clickhouse - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-clickhouse}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -clickhouse_env_vars=( - ALLOW_EMPTY_PASSWORD - CLICKHOUSE_ADMIN_USER - CLICKHOUSE_ADMIN_PASSWORD - CLICKHOUSE_HTTP_PORT - CLICKHOUSE_TCP_PORT - CLICKHOUSE_MYSQL_PORT - CLICKHOUSE_POSTGRESQL_PORT - CLICKHOUSE_INTERSERVER_HTTP_PORT - CLICKHOUSE_USER - CLICKHOUSE_PASSWORD -) -for env_var in "${clickhouse_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset clickhouse_env_vars - -# Paths -export CLICKHOUSE_BASE_DIR="${BITNAMI_ROOT_DIR}/clickhouse" -export CLICKHOUSE_VOLUME_DIR="/bitnami/clickhouse" -export CLICKHOUSE_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc" -export CLICKHOUSE_DEFAULT_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc.default" -export CLICKHOUSE_MOUNTED_CONF_DIR="${CLICKHOUSE_VOLUME_DIR}/etc" -export CLICKHOUSE_DATA_DIR="${CLICKHOUSE_VOLUME_DIR}/data" -export CLICKHOUSE_LOG_DIR="${CLICKHOUSE_BASE_DIR}/logs" -export CLICKHOUSE_CONF_FILE="${CLICKHOUSE_CONF_DIR}/config.xml" -export CLICKHOUSE_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse.log" -export CLICKHOUSE_ERROR_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse_error.log" -export CLICKHOUSE_TMP_DIR="${CLICKHOUSE_BASE_DIR}/tmp" -export CLICKHOUSE_PID_FILE="${CLICKHOUSE_TMP_DIR}/clickhouse.pid" -export CLICKHOUSE_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# ClickHouse configuration parameters -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-"${CLICKHOUSE_USER:-}"}" -export CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-default}" -CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-"${CLICKHOUSE_PASSWORD:-}"}" -export CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-}" -export CLICKHOUSE_HTTP_PORT="${CLICKHOUSE_HTTP_PORT:-8123}" -export CLICKHOUSE_TCP_PORT="${CLICKHOUSE_TCP_PORT:-9000}" -export CLICKHOUSE_MYSQL_PORT="${CLICKHOUSE_MYSQL_PORT:-9004}" -export CLICKHOUSE_POSTGRESQL_PORT="${CLICKHOUSE_POSTGRESQL_PORT:-9005}" -export CLICKHOUSE_INTERSERVER_HTTP_PORT="${CLICKHOUSE_INTERSERVER_HTTP_PORT:-9009}" - -# ClickHouse system parameters -export CLICKHOUSE_DAEMON_USER="clickhouse" -export CLICKHOUSE_DAEMON_GROUP="clickhouse" -export PATH="${CLICKHOUSE_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/common/bin:$PATH" - -# Custom environment variables may be defined below diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh deleted file mode 100755 index bdfeae779b2b..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/clickhouse/etc) -debug "Copying files from $CLICKHOUSE_DEFAULT_CONF_DIR to $CLICKHOUSE_CONF_DIR" -cp -nr "$CLICKHOUSE_DEFAULT_CONF_DIR"/. "$CLICKHOUSE_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/clickhouse/run.sh" ]]; then - info "** Starting ClickHouse setup **" - /opt/bitnami/scripts/clickhouse/setup.sh - info "** ClickHouse setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh deleted file mode 100755 index c097a84005ea..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -# System User -ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" --system - -# Create directories -for dir in "$CLICKHOUSE_DATA_DIR" "$CLICKHOUSE_CONF_DIR" "${CLICKHOUSE_CONF_DIR}/conf.d" "${CLICKHOUSE_CONF_DIR}/users.d" "$CLICKHOUSE_DEFAULT_CONF_DIR" "$CLICKHOUSE_LOG_DIR" "$CLICKHOUSE_TMP_DIR" "$CLICKHOUSE_MOUNTED_CONF_DIR" "/docker-entrypoint-startdb.d" "/docker-entrypoint-initdb.d"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$CLICKHOUSE_DAEMON_USER" -g "root" -done - -# Set default settings in the configuration file - -# Delete default cluster configurations (it contains example configurations that adds noise) and add an empty one -xmlstarlet ed -L -d "/clickhouse/remote_servers" "$CLICKHOUSE_CONF_FILE" - -# Set paths -clickhouse_conf_set "/clickhouse/path" "$CLICKHOUSE_DATA_DIR" -clickhouse_conf_set "/clickhouse/logger/log" "$CLICKHOUSE_LOG_FILE" -clickhouse_conf_set "/clickhouse/logger/errorlog" "$CLICKHOUSE_ERROR_LOG_FILE" - -# ClickHouse allow making settings point to environment variables. This change -# will simplify the container logic substantially because we won't need to modify -# the xml files at runtime -# Source: https://clickhouse.com/docs/en/operations/server-configuration-parameters/settings/ -env_vars_mapping=( - "http_port=CLICKHOUSE_HTTP_PORT" - "tcp_port=CLICKHOUSE_TCP_PORT" - "mysql_port=CLICKHOUSE_MYSQL_PORT" - "postgresql_port=CLICKHOUSE_POSTGRESQL_PORT" - "interserver_http_port=CLICKHOUSE_INTERSERVER_HTTP_PORT" -) - -for pair in "${env_vars_mapping[@]}"; do - setting="${pair%=*}" - env_var="${pair#*=}" - # Delete the existing node - xmlstarlet ed -L -d "/clickhouse/${setting}" "$CLICKHOUSE_CONF_FILE" - # Recreate the node so it has the following structure - # - clickhouse_conf_set "/clickhouse/${setting}" - xmlstarlet ed -L --insert "/clickhouse/${setting}" -type attr -n "from_env" -v "${env_var}" "$CLICKHOUSE_CONF_FILE" -done - -# Set default password to point to the CLICKHOUSE_ADMIN_PASSWORD variable -xmlstarlet ed -L --insert "/clickhouse/users/default/password" -type attr -n "from_env" -v "CLICKHOUSE_ADMIN_PASSWORD" "${CLICKHOUSE_CONF_DIR}/users.xml" - -# Add symlinks to the default paths to make a similar UX as the upstream ClickHouse configuration -# https://github.com/ClickHouse/ClickHouse/blob/master/programs/server/config.xml -ln -s "$CLICKHOUSE_DATA_DIR" "/var/lib/clickhouse" -ln -s "$CLICKHOUSE_CONF_DIR" "/etc/clickhouse-server" -ln -s "$CLICKHOUSE_LOG_DIR" "/var/log/clickhouse-server" -ln -s "$CLICKHOUSE_TMP_DIR" "/var/lib/clickhouse/tmp" - -ln -s /dev/stdout "$CLICKHOUSE_LOG_FILE" -ln -s /dev/stderr "$CLICKHOUSE_ERROR_LOG_FILE" - -touch /.clickhouse-client-history -chmod g+rw /.clickhouse-client-history - -# Set logging to console -xmlstarlet ed -L -d "/clickhouse/logger/log" "$CLICKHOUSE_CONF_FILE" -xmlstarlet ed -L -d "/clickhouse/logger/errorlog" "$CLICKHOUSE_CONF_FILE" -clickhouse_conf_set "/clickhouse/logger/console" "1" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${CLICKHOUSE_CONF_DIR}/"* "$CLICKHOUSE_DEFAULT_CONF_DIR" \ No newline at end of file diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh deleted file mode 100755 index be327f2bdc28..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -declare -a cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") -declare -a args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}") -args+=("$@") - -info "** Starting ClickHouse **" -if am_i_root; then - exec_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh deleted file mode 100755 index 89328840b4f7..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment settings -. /opt/bitnami/scripts/clickhouse-env.sh - -# Ensure ClickHouse environment settings are valid -clickhouse_validate -# Ensure ClickHouse is stopped when this script ends. -trap "clickhouse_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" -# Ensure is initialized -clickhouse_initialize -# Allow running custom initialization scripts -clickhouse_custom_scripts 'init' -# Allow running custom start scripts -clickhouse_custom_scripts 'start' -# Stop ClickHouse before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -clickhouse_stop diff --git a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh b/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh deleted file mode 100644 index 851811ba771c..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh +++ /dev/null @@ -1,284 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami ClickHouse library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in CLICKHOUSE_* env vars -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -clickhouse_validate() { - debug "Validating settings in CLICKHOUSE_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - ! is_empty_value "$CLICKHOUSE_HTTP_PORT" && check_valid_port "CLICKHOUSE_HTTP_PORT" - ! is_empty_value "$CLICKHOUSE_TCP_PORT" && check_valid_port "CLICKHOUSE_TCP_PORT" - ! is_empty_value "$CLICKHOUSE_MYSQL_PORT" && check_valid_port "CLICKHOUSE_MYSQL_PORT" - ! is_empty_value "$CLICKHOUSE_POSTGRESQL_PORT" && check_valid_port "CLICKHOUSE_POSTGRESQL_PORT" - ! is_empty_value "$CLICKHOUSE_INTERSERVER_HTTP_PORT" && check_valid_port "CLICKHOUSE_INTERSERVER_HTTP_PORT" - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - elif is_empty_value "$CLICKHOUSE_ADMIN_PASSWORD"; then - print_validation_error "The CLICKHOUSE_ADMIN_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - - return "$error_code" -} - -######################## -# Copy configuration from the mounted folder to the etc folder -# In charts mounting directly in the configuration folder would not -# allow the use of multiple ConfigMaps and Secrets -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_copy_mounted_configuration() { - if [[ -w "$CLICKHOUSE_CONF_DIR" ]]; then - if ! is_mounted_dir_empty "$CLICKHOUSE_MOUNTED_CONF_DIR"; then - info "Copying mounted configuration from $CLICKHOUSE_MOUNTED_CONF_DIR" - # Copy first the files at the base of the mounted folder to go to ClickHouse - # base etc folder - find "$CLICKHOUSE_MOUNTED_CONF_DIR" -maxdepth 1 \( -type f -o -type l \) -exec cp -L {} "$CLICKHOUSE_CONF_DIR" \; - - # The ClickHouse override directories (etc/conf.d and etc/users.d) do not support subfolders. That means we cannot - # copy directly with cp -RL because we need all override xml files to have at the root of these subfolders. In the helm - # chart we want to allow overrides from different ConfigMaps and Secrets so we need to use the find command - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/conf.d" \; - fi - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/users.d" \; - fi - fi - else - warn "The folder $CLICKHOUSE_CONF_DIR is not writable. This is likely because a read-only filesystem was mounted in that folder. Using $CLICKHOUSE_MOUNTED_DIR is recommended" - fi -} - -######################## -# Add or modify an entry in the ClickHouse configuration file -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - XPath expression -# $2 - Value to assign to the variable -# $3 - Configuration file -# Returns: -# None -######################### -clickhouse_conf_set() { - local -r xpath="${1:?key missing}" - # We allow empty values - local -r value="${2:-}" - local -r config_file="${3:-$CLICKHOUSE_CONF_FILE}" - debug "Setting ${xpath} to '${value}' in ClickHouse configuration file $config_file" - # Check if the entry exists in the XML file - if xmlstarlet --quiet sel -t -v "$xpath" "$config_file"; then - # Base case - # It exists, so replace the entry - if ! is_empty_value "$value"; then - xmlstarlet ed -L -u "$xpath" -v "$value" "$config_file" - fi - else - # It does not exist, so add the subnode - local -r parentNode="$(dirname "$xpath")" - local -r newNode="$(basename "$xpath")" - # Recursive call to add parent nodes - clickhouse_conf_set "$parentNode" - if is_empty_value "$value"; then - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" "$config_file" - else - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" -v "$value" "$config_file" - fi - fi -} - -######################## -# Check if ClickHouse daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_running() { - pid="$(get_pid_from_file "$CLICKHOUSE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if ClickHouse daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_not_running() { - ! is_clickhouse_running -} - -######################## -# Stop ClickHouse daemons -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_stop() { - ! is_clickhouse_running && return - stop_service_using_pid "$CLICKHOUSE_PID_FILE" -} - -######################## -# Initialize ClickHouse -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_initialize() { - # Logic based on the upstream ClickHouse container - # For the container itself we keep the logic simple. In the helm chart we rely on the mounting of configuration files with overrides - # Source: https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/entrypoint.sh - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "$CLICKHOUSE_PID_FILE" - - clickhouse_copy_mounted_configuration - if [[ "$CLICKHOUSE_ADMIN_USER" != "default" ]]; then - # If we need to set an admin user different from default, we create a configuration override - local -r admin_user_override="${CLICKHOUSE_CONF_DIR}/users.d/__bitnami_default_user.xml" - cat <"${admin_user_override}" - - - - - - - - <${CLICKHOUSE_ADMIN_USER}> - default - - - ::/0 - - default - 1 - - - -EOF - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Start ClickHouse daemon -# Arguments: -# $1 - Log file to check the startup message -# Returns: -# None -######################### -clickhouse_start_bg() { - local -r log_file="${1:-$CLICKHOUSE_LOG_FILE}" - info "Starting ClickHouse in background" - is_clickhouse_running && return - # This function is meant to be called for internal operations like the init scripts - local -r cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") - local -r args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}" "--" "--listen_host=127.0.0.1") - if am_i_root; then - run_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - fi - if ! retry_while is_clickhouse_running; then - error "ClickHouse failed to start" - exit 1 - fi - wait_for_log_entry "Application: Ready for connections" "$log_file" - info "ClickHouse started successfully" -} - -######################## -# Run custom scripts -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - 'init' or 'start' ('init' runs on first container start, 'start' runs everytime the container starts) -# Returns: -# None -######################### -clickhouse_custom_scripts() { - if [[ -n $(find /docker-entrypoint-"$1"db.d/ -type f -regex ".*\.sh") ]] && { [[ ! -f "$CLICKHOUSE_DATA_DIR/.user_scripts_initialized" ]] || [[ $1 == start ]]; }; then - clickhouse_start_bg "$CLICKHOUSE_LOG_DIR/clickhouse_init_scripts.log" - info "Loading user's custom files from /docker-entrypoint-$1db.d" - for f in /docker-entrypoint-"$1"db.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "${CLICKHOUSE_DATA_DIR}/.user_scripts_initialized" - fi -} diff --git a/bitnami/clickhouse/23.8/debian-11/tags-info.yaml b/bitnami/clickhouse/23.8/debian-11/tags-info.yaml deleted file mode 100644 index 3042f64056b5..000000000000 --- a/bitnami/clickhouse/23.8/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "23.8" -- 23.8-debian-11 -- 23.8.9 diff --git a/bitnami/clickhouse/24/debian-11/Dockerfile b/bitnami/clickhouse/24/debian-11/Dockerfile deleted file mode 100644 index 730db4b93206..000000000000 --- a/bitnami/clickhouse/24/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T15:10:26Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="24.1.5-debian-11-r6" \ - org.opencontainers.image.title="clickhouse" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="24.1.5" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps xmlstarlet -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "clickhouse-24.1.5-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/clickhouse/postunpack.sh -ENV APP_VERSION="24.1.5" \ - BITNAMI_APP_NAME="clickhouse" \ - PATH="/opt/bitnami/clickhouse/bin:/opt/bitnami/common/bin:$PATH" \ - clickhouseCTL_API="3" - -EXPOSE 8123 9000 9004 9005 9009 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/clickhouse/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/clickhouse/run.sh", "--", "--listen_host=0.0.0.0" ] diff --git a/bitnami/clickhouse/24/debian-11/docker-compose.yml b/bitnami/clickhouse/24/debian-11/docker-compose.yml deleted file mode 100644 index a9c7a08639bc..000000000000 --- a/bitnami/clickhouse/24/debian-11/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - clickhouse: - image: docker.io/bitnami/clickhouse:24 - environment: - - ALLOW_EMPTY_PASSWORD=yes - ports: - - '8123:8123' - volumes: - - clickhouse_data:/bitnami/clickhouse -volumes: - clickhouse_data: - driver: local diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a285c11fc931..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "clickhouse": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "24.1.5-0" - } -} \ No newline at end of file diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/clickhouse/24/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh deleted file mode 100644 index 4d8154d88637..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse-env.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for clickhouse - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-clickhouse}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -clickhouse_env_vars=( - ALLOW_EMPTY_PASSWORD - CLICKHOUSE_ADMIN_USER - CLICKHOUSE_ADMIN_PASSWORD - CLICKHOUSE_HTTP_PORT - CLICKHOUSE_TCP_PORT - CLICKHOUSE_MYSQL_PORT - CLICKHOUSE_POSTGRESQL_PORT - CLICKHOUSE_INTERSERVER_HTTP_PORT - CLICKHOUSE_USER - CLICKHOUSE_PASSWORD -) -for env_var in "${clickhouse_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset clickhouse_env_vars - -# Paths -export CLICKHOUSE_BASE_DIR="${BITNAMI_ROOT_DIR}/clickhouse" -export CLICKHOUSE_VOLUME_DIR="/bitnami/clickhouse" -export CLICKHOUSE_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc" -export CLICKHOUSE_DEFAULT_CONF_DIR="${CLICKHOUSE_BASE_DIR}/etc.default" -export CLICKHOUSE_MOUNTED_CONF_DIR="${CLICKHOUSE_VOLUME_DIR}/etc" -export CLICKHOUSE_DATA_DIR="${CLICKHOUSE_VOLUME_DIR}/data" -export CLICKHOUSE_LOG_DIR="${CLICKHOUSE_BASE_DIR}/logs" -export CLICKHOUSE_CONF_FILE="${CLICKHOUSE_CONF_DIR}/config.xml" -export CLICKHOUSE_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse.log" -export CLICKHOUSE_ERROR_LOG_FILE="${CLICKHOUSE_LOG_DIR}/clickhouse_error.log" -export CLICKHOUSE_TMP_DIR="${CLICKHOUSE_BASE_DIR}/tmp" -export CLICKHOUSE_PID_FILE="${CLICKHOUSE_TMP_DIR}/clickhouse.pid" -export CLICKHOUSE_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# ClickHouse configuration parameters -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-"${CLICKHOUSE_USER:-}"}" -export CLICKHOUSE_ADMIN_USER="${CLICKHOUSE_ADMIN_USER:-default}" -CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-"${CLICKHOUSE_PASSWORD:-}"}" -export CLICKHOUSE_ADMIN_PASSWORD="${CLICKHOUSE_ADMIN_PASSWORD:-}" -export CLICKHOUSE_HTTP_PORT="${CLICKHOUSE_HTTP_PORT:-8123}" -export CLICKHOUSE_TCP_PORT="${CLICKHOUSE_TCP_PORT:-9000}" -export CLICKHOUSE_MYSQL_PORT="${CLICKHOUSE_MYSQL_PORT:-9004}" -export CLICKHOUSE_POSTGRESQL_PORT="${CLICKHOUSE_POSTGRESQL_PORT:-9005}" -export CLICKHOUSE_INTERSERVER_HTTP_PORT="${CLICKHOUSE_INTERSERVER_HTTP_PORT:-9009}" - -# ClickHouse system parameters -export CLICKHOUSE_DAEMON_USER="clickhouse" -export CLICKHOUSE_DAEMON_GROUP="clickhouse" -export PATH="${CLICKHOUSE_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/common/bin:$PATH" - -# Custom environment variables may be defined below diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh deleted file mode 100755 index bdfeae779b2b..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/clickhouse/etc) -debug "Copying files from $CLICKHOUSE_DEFAULT_CONF_DIR to $CLICKHOUSE_CONF_DIR" -cp -nr "$CLICKHOUSE_DEFAULT_CONF_DIR"/. "$CLICKHOUSE_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/clickhouse/run.sh" ]]; then - info "** Starting ClickHouse setup **" - /opt/bitnami/scripts/clickhouse/setup.sh - info "** ClickHouse setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh deleted file mode 100755 index c097a84005ea..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/postunpack.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -# System User -ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" --system - -# Create directories -for dir in "$CLICKHOUSE_DATA_DIR" "$CLICKHOUSE_CONF_DIR" "${CLICKHOUSE_CONF_DIR}/conf.d" "${CLICKHOUSE_CONF_DIR}/users.d" "$CLICKHOUSE_DEFAULT_CONF_DIR" "$CLICKHOUSE_LOG_DIR" "$CLICKHOUSE_TMP_DIR" "$CLICKHOUSE_MOUNTED_CONF_DIR" "/docker-entrypoint-startdb.d" "/docker-entrypoint-initdb.d"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$CLICKHOUSE_DAEMON_USER" -g "root" -done - -# Set default settings in the configuration file - -# Delete default cluster configurations (it contains example configurations that adds noise) and add an empty one -xmlstarlet ed -L -d "/clickhouse/remote_servers" "$CLICKHOUSE_CONF_FILE" - -# Set paths -clickhouse_conf_set "/clickhouse/path" "$CLICKHOUSE_DATA_DIR" -clickhouse_conf_set "/clickhouse/logger/log" "$CLICKHOUSE_LOG_FILE" -clickhouse_conf_set "/clickhouse/logger/errorlog" "$CLICKHOUSE_ERROR_LOG_FILE" - -# ClickHouse allow making settings point to environment variables. This change -# will simplify the container logic substantially because we won't need to modify -# the xml files at runtime -# Source: https://clickhouse.com/docs/en/operations/server-configuration-parameters/settings/ -env_vars_mapping=( - "http_port=CLICKHOUSE_HTTP_PORT" - "tcp_port=CLICKHOUSE_TCP_PORT" - "mysql_port=CLICKHOUSE_MYSQL_PORT" - "postgresql_port=CLICKHOUSE_POSTGRESQL_PORT" - "interserver_http_port=CLICKHOUSE_INTERSERVER_HTTP_PORT" -) - -for pair in "${env_vars_mapping[@]}"; do - setting="${pair%=*}" - env_var="${pair#*=}" - # Delete the existing node - xmlstarlet ed -L -d "/clickhouse/${setting}" "$CLICKHOUSE_CONF_FILE" - # Recreate the node so it has the following structure - # - clickhouse_conf_set "/clickhouse/${setting}" - xmlstarlet ed -L --insert "/clickhouse/${setting}" -type attr -n "from_env" -v "${env_var}" "$CLICKHOUSE_CONF_FILE" -done - -# Set default password to point to the CLICKHOUSE_ADMIN_PASSWORD variable -xmlstarlet ed -L --insert "/clickhouse/users/default/password" -type attr -n "from_env" -v "CLICKHOUSE_ADMIN_PASSWORD" "${CLICKHOUSE_CONF_DIR}/users.xml" - -# Add symlinks to the default paths to make a similar UX as the upstream ClickHouse configuration -# https://github.com/ClickHouse/ClickHouse/blob/master/programs/server/config.xml -ln -s "$CLICKHOUSE_DATA_DIR" "/var/lib/clickhouse" -ln -s "$CLICKHOUSE_CONF_DIR" "/etc/clickhouse-server" -ln -s "$CLICKHOUSE_LOG_DIR" "/var/log/clickhouse-server" -ln -s "$CLICKHOUSE_TMP_DIR" "/var/lib/clickhouse/tmp" - -ln -s /dev/stdout "$CLICKHOUSE_LOG_FILE" -ln -s /dev/stderr "$CLICKHOUSE_ERROR_LOG_FILE" - -touch /.clickhouse-client-history -chmod g+rw /.clickhouse-client-history - -# Set logging to console -xmlstarlet ed -L -d "/clickhouse/logger/log" "$CLICKHOUSE_CONF_FILE" -xmlstarlet ed -L -d "/clickhouse/logger/errorlog" "$CLICKHOUSE_CONF_FILE" -clickhouse_conf_set "/clickhouse/logger/console" "1" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${CLICKHOUSE_CONF_DIR}/"* "$CLICKHOUSE_DEFAULT_CONF_DIR" \ No newline at end of file diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh deleted file mode 100755 index be327f2bdc28..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/run.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment variables -. /opt/bitnami/scripts/clickhouse-env.sh - -declare -a cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") -declare -a args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}") -args+=("$@") - -info "** Starting ClickHouse **" -if am_i_root; then - exec_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh deleted file mode 100755 index 89328840b4f7..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/clickhouse/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libclickhouse.sh - -# Load ClickHouse environment settings -. /opt/bitnami/scripts/clickhouse-env.sh - -# Ensure ClickHouse environment settings are valid -clickhouse_validate -# Ensure ClickHouse is stopped when this script ends. -trap "clickhouse_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$CLICKHOUSE_DAEMON_USER" --group "$CLICKHOUSE_DAEMON_GROUP" -# Ensure is initialized -clickhouse_initialize -# Allow running custom initialization scripts -clickhouse_custom_scripts 'init' -# Allow running custom start scripts -clickhouse_custom_scripts 'start' -# Stop ClickHouse before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -clickhouse_stop diff --git a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh b/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh deleted file mode 100644 index 851811ba771c..000000000000 --- a/bitnami/clickhouse/24/debian-11/rootfs/opt/bitnami/scripts/libclickhouse.sh +++ /dev/null @@ -1,284 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami ClickHouse library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in CLICKHOUSE_* env vars -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -clickhouse_validate() { - debug "Validating settings in CLICKHOUSE_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - ! is_empty_value "$CLICKHOUSE_HTTP_PORT" && check_valid_port "CLICKHOUSE_HTTP_PORT" - ! is_empty_value "$CLICKHOUSE_TCP_PORT" && check_valid_port "CLICKHOUSE_TCP_PORT" - ! is_empty_value "$CLICKHOUSE_MYSQL_PORT" && check_valid_port "CLICKHOUSE_MYSQL_PORT" - ! is_empty_value "$CLICKHOUSE_POSTGRESQL_PORT" && check_valid_port "CLICKHOUSE_POSTGRESQL_PORT" - ! is_empty_value "$CLICKHOUSE_INTERSERVER_HTTP_PORT" && check_valid_port "CLICKHOUSE_INTERSERVER_HTTP_PORT" - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - elif is_empty_value "$CLICKHOUSE_ADMIN_PASSWORD"; then - print_validation_error "The CLICKHOUSE_ADMIN_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - - return "$error_code" -} - -######################## -# Copy configuration from the mounted folder to the etc folder -# In charts mounting directly in the configuration folder would not -# allow the use of multiple ConfigMaps and Secrets -# Globals: -# CLICKHOUSE_* -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_copy_mounted_configuration() { - if [[ -w "$CLICKHOUSE_CONF_DIR" ]]; then - if ! is_mounted_dir_empty "$CLICKHOUSE_MOUNTED_CONF_DIR"; then - info "Copying mounted configuration from $CLICKHOUSE_MOUNTED_CONF_DIR" - # Copy first the files at the base of the mounted folder to go to ClickHouse - # base etc folder - find "$CLICKHOUSE_MOUNTED_CONF_DIR" -maxdepth 1 \( -type f -o -type l \) -exec cp -L {} "$CLICKHOUSE_CONF_DIR" \; - - # The ClickHouse override directories (etc/conf.d and etc/users.d) do not support subfolders. That means we cannot - # copy directly with cp -RL because we need all override xml files to have at the root of these subfolders. In the helm - # chart we want to allow overrides from different ConfigMaps and Secrets so we need to use the find command - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/conf.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/conf.d" \; - fi - if [[ -d "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" ]]; then - find "${CLICKHOUSE_MOUNTED_CONF_DIR}/users.d" \( -type f -o -type l \) -exec cp -L {} "${CLICKHOUSE_CONF_DIR}/users.d" \; - fi - fi - else - warn "The folder $CLICKHOUSE_CONF_DIR is not writable. This is likely because a read-only filesystem was mounted in that folder. Using $CLICKHOUSE_MOUNTED_DIR is recommended" - fi -} - -######################## -# Add or modify an entry in the ClickHouse configuration file -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - XPath expression -# $2 - Value to assign to the variable -# $3 - Configuration file -# Returns: -# None -######################### -clickhouse_conf_set() { - local -r xpath="${1:?key missing}" - # We allow empty values - local -r value="${2:-}" - local -r config_file="${3:-$CLICKHOUSE_CONF_FILE}" - debug "Setting ${xpath} to '${value}' in ClickHouse configuration file $config_file" - # Check if the entry exists in the XML file - if xmlstarlet --quiet sel -t -v "$xpath" "$config_file"; then - # Base case - # It exists, so replace the entry - if ! is_empty_value "$value"; then - xmlstarlet ed -L -u "$xpath" -v "$value" "$config_file" - fi - else - # It does not exist, so add the subnode - local -r parentNode="$(dirname "$xpath")" - local -r newNode="$(basename "$xpath")" - # Recursive call to add parent nodes - clickhouse_conf_set "$parentNode" - if is_empty_value "$value"; then - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" "$config_file" - else - xmlstarlet ed -L --subnode "${parentNode}" -t "elem" -n "${newNode}" -v "$value" "$config_file" - fi - fi -} - -######################## -# Check if ClickHouse daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_running() { - pid="$(get_pid_from_file "$CLICKHOUSE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if ClickHouse daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_clickhouse_not_running() { - ! is_clickhouse_running -} - -######################## -# Stop ClickHouse daemons -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_stop() { - ! is_clickhouse_running && return - stop_service_using_pid "$CLICKHOUSE_PID_FILE" -} - -######################## -# Initialize ClickHouse -# Arguments: -# None -# Returns: -# None -######################### -clickhouse_initialize() { - # Logic based on the upstream ClickHouse container - # For the container itself we keep the logic simple. In the helm chart we rely on the mounting of configuration files with overrides - # Source: https://github.com/ClickHouse/ClickHouse/blob/master/docker/server/entrypoint.sh - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "$CLICKHOUSE_PID_FILE" - - clickhouse_copy_mounted_configuration - if [[ "$CLICKHOUSE_ADMIN_USER" != "default" ]]; then - # If we need to set an admin user different from default, we create a configuration override - local -r admin_user_override="${CLICKHOUSE_CONF_DIR}/users.d/__bitnami_default_user.xml" - cat <"${admin_user_override}" - - - - - - - - <${CLICKHOUSE_ADMIN_USER}> - default - - - ::/0 - - default - 1 - - - -EOF - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Start ClickHouse daemon -# Arguments: -# $1 - Log file to check the startup message -# Returns: -# None -######################### -clickhouse_start_bg() { - local -r log_file="${1:-$CLICKHOUSE_LOG_FILE}" - info "Starting ClickHouse in background" - is_clickhouse_running && return - # This function is meant to be called for internal operations like the init scripts - local -r cmd=("${CLICKHOUSE_BASE_DIR}/bin/clickhouse-server") - local -r args=("--config-file=${CLICKHOUSE_CONF_FILE}" "--pid-file=${CLICKHOUSE_PID_FILE}" "--" "--listen_host=127.0.0.1") - if am_i_root; then - run_as_user "$CLICKHOUSE_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - fi - if ! retry_while is_clickhouse_running; then - error "ClickHouse failed to start" - exit 1 - fi - wait_for_log_entry "Application: Ready for connections" "$log_file" - info "ClickHouse started successfully" -} - -######################## -# Run custom scripts -# Globals: -# CLICKHOUSE_* -# Arguments: -# $1 - 'init' or 'start' ('init' runs on first container start, 'start' runs everytime the container starts) -# Returns: -# None -######################### -clickhouse_custom_scripts() { - if [[ -n $(find /docker-entrypoint-"$1"db.d/ -type f -regex ".*\.sh") ]] && { [[ ! -f "$CLICKHOUSE_DATA_DIR/.user_scripts_initialized" ]] || [[ $1 == start ]]; }; then - clickhouse_start_bg "$CLICKHOUSE_LOG_DIR/clickhouse_init_scripts.log" - info "Loading user's custom files from /docker-entrypoint-$1db.d" - for f in /docker-entrypoint-"$1"db.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "${CLICKHOUSE_DATA_DIR}/.user_scripts_initialized" - fi -} diff --git a/bitnami/clickhouse/24/debian-11/tags-info.yaml b/bitnami/clickhouse/24/debian-11/tags-info.yaml deleted file mode 100644 index f5c006f0c6a9..000000000000 --- a/bitnami/clickhouse/24/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "24" -- 24-debian-11 -- 24.1.5 -- latest diff --git a/bitnami/cluster-autoscaler/1/debian-11/Dockerfile b/bitnami/cluster-autoscaler/1/debian-11/Dockerfile deleted file mode 100644 index 36970d389d32..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:52:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.29.0-debian-11-r24" \ - org.opencontainers.image.title="cluster-autoscaler" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.29.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "cluster-autoscaler-1.29.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN ln -sf /opt/bitnami/cluster-autoscaler/bin/cluster-autoscaler /opt/bitnami/cluster-autoscaler/cluster-autoscaler -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN chmod -R g+rwX /opt/bitnami/cluster-autoscaler/ -ENV APP_VERSION="1.29.0" \ - BITNAMI_APP_NAME="cluster-autoscaler" \ - PATH="/opt/bitnami/cluster-autoscaler/bin:$PATH" - -WORKDIR /opt/bitnami/cluster-autoscaler -USER 1001 -CMD [ "/run.sh" ] diff --git a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c046e0aecaaa..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cluster-autoscaler": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.29.0-5" - } -} \ No newline at end of file diff --git a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cluster-autoscaler/1/debian-11/rootfs/run.sh b/bitnami/cluster-autoscaler/1/debian-11/rootfs/run.sh deleted file mode 100755 index 71a24dec28d4..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/rootfs/run.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# Copyright 2017 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# A wrapper script trapping SIGTERM (docker stop) and passing the signal to -# cluster-autoscaler binary. - -if [ -z "$LOG_OUTPUT" ]; then - LOG_OUTPUT="/opt/bitnami/cluster-autoscaler/log/cluster_autoscaler.log" -fi - -/opt/bitnami/cluster-autoscaler/bin/cluster-autoscaler "$@" 1>>"$LOG_OUTPUT" 2>&1 & -pid="$!" -# shellcheck disable=SC2064 -trap "kill -15 $pid" 15 - -# We need a loop here, because receiving signal breaks out of wait. -# kill -0 doesn't send any signal, but it still checks if the process is running. -while kill -0 $pid > /dev/null 2>&1; do - wait $pid -done -exit "$?" diff --git a/bitnami/cluster-autoscaler/1/debian-11/tags-info.yaml b/bitnami/cluster-autoscaler/1/debian-11/tags-info.yaml deleted file mode 100644 index 3736856745d6..000000000000 --- a/bitnami/cluster-autoscaler/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.29.0 -- latest diff --git a/bitnami/concourse/7/debian-11/Dockerfile b/bitnami/concourse/7/debian-11/Dockerfile deleted file mode 100644 index e2215afcaa7f..000000000000 --- a/bitnami/concourse/7/debian-11/Dockerfile +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:53:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.11.2-debian-11-r18" \ - org.opencontainers.image.title="concourse" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.11.2" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 iptables libseccomp2 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "concourse-7.11.2-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN touch /.flyrc && chmod g+rwX /.flyrc -RUN update-alternatives --set iptables /usr/sbin/iptables-legacy && \ - update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy - -ENV APP_VERSION="7.11.2" \ - BITNAMI_APP_NAME="concourse" \ - PATH="/opt/bitnami/concourse/bin:$PATH" - -CMD [ "/opt/bitnami/concourse/bin/concourse", "--help" ] diff --git a/bitnami/concourse/7/debian-11/concourse_keys/authorized_worker_keys b/bitnami/concourse/7/debian-11/concourse_keys/authorized_worker_keys deleted file mode 100644 index ec3b27111c4c..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/authorized_worker_keys +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvUdadCJME1nH1OnH2HuS5LxmyQ/rjvfLVkiDbXyvvXwtD0aJ84eKsPHE9m5nJpscy5XYBO/jqp/1YRiYeeB8OKK5SlNMUDf3tdzyq3WPYzIHdFOiXsfkoe+fXGjL4aUhxOUNa7EIVgKBoyX9LhXM3vYdUiBX3w+Qh9F7oj2Ox6ox5bERcY02RGxKF2DoapuzoED4S9iUt+2EKVKDeHoSNml7Ujf6P61cpoRfkYG1ml99jGQQG6GEVWryeT/m47LIUi1jhLDyTRrz2bxGnSspOSuZzTC2D6Fgdr1VwiyDSbmmuZB0yeiAZLITgDRPAUskonyJg/IRtEELLWTBO/8LNd2rMus66NlFo/bwAo0wpYQOxty6MuJqwgvazebGP0qshp8m0u8Vu5f+d6eHZSAe0vF03ykOlIEAEg/j02Vs2ZNRs4zFNGfJUnfqmyH5z3Ux2wwBgFMmz/aUMmSYlsnGNf88oczgtGoNSsoMxNP4Apyv8jFf8FHTXF8i2yhGGxzGOvVDyBXm7mhHaVxwe2HYyZe3Oevkcb3uAxsNkhR0a0N2aD3ENYecRnz5NGKVrO4yXE9ygm/y8M7Of2uNh/RmLNnb32dgHBjqiinRQZMqt6wsX7xws7qfbx6ZcOzlqfGnYbelaSE5vnVthpO67NBaqRtx16fseFhS73Nv2Gvdl9w== diff --git a/bitnami/concourse/7/debian-11/concourse_keys/session_signing_key b/bitnami/concourse/7/debian-11/concourse_keys/session_signing_key deleted file mode 100644 index 8a285e68af6e..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/session_signing_key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJKAIBAAKCAgEAw8qaUipseQ9QSzU60Ai1q3klzQAYOWkeYB5pmPY1LTd5NW2X -l3V+37G2//0dJqC4HCcMBQBXrKccfYOMyijLbFWAK3iJSDgxJDUfG8Ean8E8gaDc -p/Li2NYdaueIHE5thP+KglNFa7mr1Hx36hFTrGA8VRiJLmu55oMDgdQL4XCU9NzC -6NHcfWOq/q+8lHgWFBG5hvAXvc2mds9rswJLe2ebDqdYzSFwygRIKGokod+8FHqZ -9rtY82Du9P2e3ARFlEjFJ3qjdjsa2v74C4Ul8vKqcGjosPHS98cTzhm394hbwYOU -TH3NPaxriPudvh0OGgD9akzUV7z2FVQWxCdNx/5cuG0rwKClOGEKwFoHYgljtpv0 -8NIgaCGhNVEl8GjsqrQG1MnxeONNNeMvSEmbJ1i+KFKzIQIS6M73/r5PaAqWGD3s -u+y2Kg2X/37ZCqL9vPuaW+TOWEVsPQycZ2/j1A8H6TBeHrNqjzhLd6A/rhK2Mn9a -toOaLw1dlEMR/fCV88QY75xBnKJvAemR2cKHDLiryr9QHEABtgPkMJ2z6W9JiTHw -RxQyypsItIC2wjJQZURERIVysDRcuigPz5BuJmcpvkZJkuOlEbW21dZ0H6KgKnuh -OtpimjgW/cMoWxdKPTNLAIXljQ/1F/KSxZY4zoWbWfuNO9solT8kNmCsLw8CAwEA -AQKCAgAZvwiwCVgeSz85xJQpSxvoopOv83U8B3CxHw6vyKCRg5vyxKiMiCzY6Zuw -6e3taHENcq0H81WUJJ2Ae84Fv3uQkWW7UaxrzMfZhQrEMY54t4ZnXWnmw+/Ep9NS -fYPOhRmtxZTHMoAMfGv2EzAJnaGtJzKH1iQj8JKPl2bcqa+uQ4my8VzIFOCztGmF -+EIKHAh7NyF4dxYIJYTgVsJI1eJrJeKj+Kmav+z/A7Uha2PJzYwD/WNFqLk3t+V0 -Xe2H7R/hMfiLCnt4TqlnZuPjT+z/l52GDqWarxIY9xrJnWQtrsayGcVkkZ5tn8C8 -UKobl+KE1OB+HABIUVbi0x3zSV/W08Q7JNJ3sCuFVgpOaWTSfAVzaqZ8SVxjWFNm -aOztU4HzmG6EEVQSNcTZatNClVd6jsQutUtWBLHCdEKMqvcSMMoTtcd60FJ0+s99 -J5kbg04MAxMvtlBGlp8I/VzLKICCAJiGv70ZEab0avTtjKXMS88rBcQ2wd6ULAWU -Q0JA9B/ZamcUSIVFlevbjYtewVStPXP2ifdGuj1k7Er00FtFNmNJIIr2q0j1cvdP -vQQV2BJQKcRiKVcPEYqsR6bpp5l25bF/wI0apnI4xP4GnnFMPy5XTViS7CKaWmDy -1oKT+1hoXPXYTTF3dFQMe1l6sg0sanTctSIWsPm2pcT9ZRdsIQKCAQEA7gj2Z6CJ -4id1BFWx3IwZD/MsQ1m/wbvjrGOWwTVTpWOMUlDCevp/DSg0J6VojgNGx6xCPlmp -GbBtMUlnFNYqq8w5qW48gJV4OT6RMWwzhh+15dIT3caXp2ZCI5kUVaSy22R0gcYh -ZjgnQPOHA7LX9doIXMSwDvySppixS23iTnP1yMADS3hkwg1PYVsgmY8Aq8+fglFO -bPVvKKYI4HsZTEQkbTTGUAm4ERWyPOqyYt/JYjDgg94YVTU9+4MyDYlpvUbu8gLo -bhEHlOv/Q25wcuZ2bILOxTCkWPVjeViHr3Nab3GtZkc474V6jygn0p8kNKF0SUrB -ywXEvzCcGqqhRwKCAQEA0pF1WcyrSeRSBRZbjfYH5RBP4hXJhBq1ZBu7yFcWiuEh -4CIvEVoWHuQYYK4DXHmj5rfJ4AHq7PdFq6xOqS8uC+ck3fMaXvXSK6s9fn2PoTAI -1YYiUQ5hLWRlH9r4KnnAvuGPK9XuP5dXsLlMeQrCOMyD0TdeYXIfBwG261PlvJsk -1C5dYr2/toOEgbXpjw2YnJkJBRhy4ZmUdLQrzKqJoGwCkWYnSV6yxXS9k5c4Yg93 -OXPQ6fVNLMCIKlDPOQNRkknI6U/Hhj8qSuQKMCphKooKsFzazY9mEaalageZAeEc -8lx3NtrZRZUUKvpFBMcKg1F+Q0HUGQkZ0+jQkoCn+QKCAQAv/3CoPq/vAWPQJvOB -dGKNW8x+HDfVeeyT01UPyo/+Vo9x/cTphV9fKM8ze2AU2sZH9w04g13cxz2NZa66 -feEG2Vx7NLZQe1NNv7cJTzcogXZtTCojWyszXyRRB0oZZueF48C2dlw/v2zy5OhB -r6tqcLek9ShHLVjo7Ps7KYIrrahO/aDsc+9lTcfG6tgs/q/09R3F6l01DVyHxssd -cNUOEuOBfdXLR9ps34IcVHr6AwQZn592F6+yZtUDxVWvcxj2SLpf5IQ3xYlQ1zGW -yEs2cBBLGylUi9Vn9rtDOb3KfCktNa/wYsYxTioDeeZlyx9C2ZeYO9HN/XDJ2KRx -oBx7AoIBAFBegIHz4nTjloKmk+9NNpoxbawHUNEBOLaq9zNyOgJsB3f61Cg1UDge -K0fLYzEKpIpNH9pGIRqtDoSF0cg1X8ffQ20Lesc/4CYWx/PdjNKi+Nw2xCZX7LNc -nFRaSVo8+lpg0TqT/sl6xFeJgiy49ISlWrKiBX4ABuOvvdd4QDmKpbXutGoZrnDF -JfA0NJ8LO3KZ3p15RW/iJI2erxEBDmKSlzBT4y7X3DgNZMZOc5DKAmGFWPnTTM+F -9PLhwRYrtBi33N1gO/F7bnMDMvhLVKbd5VKHPmQzFWwrRPuBRt82wsumi0H+qesr -CXWV7H30Uojos96L455ioN8G/4TLYlECggEBAOP9+76a/kPRja+0Gyes0RiZ6ioQ -x/W9R5qr3olvsa1wXy2hCPpqkruLWOZP+sBlPdl4uEq6uTLEUuPAjOJD7DfVLM6g -B+ZnaykYH9nn701IgrmdKAQ+1sCW1ba99rS/lLnewu2Mtj4E9LhLTWg7sNZnEgrl -u0W1MoNHje3WiaNZJ3L3qujEqMKKnu21KGnJad2x/YytQwZTeDd9NF27MApdpJHw -v9SyURD9VXpIkCWjzCxgY7bmImx/vSpqTRvzDGcaps77nbv2mylbIcJsHAQg06M+ -LZVDTOFriGKT2abAyV/B6jT9tYNbCN6+XqE5TItJvslCmc4pBaSkRebifqE= ------END PRIVATE KEY----- diff --git a/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key b/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key deleted file mode 100644 index 9100970fcede..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJKQIBAAKCAgEAvXwUGW6gKQ0oL33FxbqkLlOIkF4Ukh7UfRKFhadSxiD3TN1k -WR6a5tE3baupfhiC5XSWsPSiHna083ThHqeIAoCOe/EPoabvX2YWMz08t+ZAdiI0 -UkrIdQ6vW4dXkqG9051/9zXunkzt9TH/Qg/H9Te1N0tGRrGulkS0eeKDNXM9iUjm -KANPrHG36nMNMS+R63wY7LocBkNvOTbdJAG95dSwMhtP71PNVxMjswe4Tf3zBnT1 -4qsfs3ecqStl/b/WOhlI+mBc3F29d4NUvaPb+pDiLkJLa8V/8jstqlAB7EMxZHgo -oM5nr89XArOECf9xD3mTijuDpBHxaLrL7tzCA33WeD24bn7Iz/81S7H4GeQEano3 -xdpWwES9xRXLuyKWR3P18pjILcS8uHhY4zhKeAQORq0+y8OWofu2YeOwaYSi2HwN -mfvTBqJngfuLV25XgURbZ1X8Xbxkj0/VCHlcJKIS+ao+K6lWA5GhG30Nix4vDLTB -Pzc7mIwc3GiDWtMqFBr4CF4Az+FRNx2H3ozJLlljJ37MoPG/7KETRkFNprSbeT2p -t/5YC7C7jtrt+svJ8VTUrEyHkHiXyYGQHWFSI7eRuOBHwr2D3xiiqGL3ZHOpQfn5 -oIfKFvk6ZE9cE4/weIVLbF+X74AyDjfT9Jw0tU+PnBeYe5W5H0oHX2MZj4MCAwEA -AQKCAgEAm9nCbmifMySvOOCqGsg44iGy4YuAP+87tuPVDulhG7VhsscmEmcp4U+T -15CqCB0BDNmoWEPeVFAu5U/tGdmR9PzoNOlBgiRcHotJFzv3BQtNWd0oS8dWuXEq -qo3XabO+/p888Yhai7mav2IwIZX5UahQVPqFAwCCKPa5usakRQJUSua6545RqfSe -4SdgYmROEPIxTgSFqGEuylBl84e7OZ6GjbAJP0AeVNBZPJfM79lAWr84vwchO+vV -3w7jBKMVARRrAgTgXCB+Bh7vREvSU3V3k7TTdAEuC37BQKQt8LYTmh96y0j535Ea -cA5XPCHuTFwjDj+FNx3LAekic4T/zZJXwTy3vLL3gPM8wWjGle6WejnFCRZ9uBwb -gxlfLagxfiPK8RzuwkPJT6hHJiGD4BCkldp7U0X1JvPdXJHoJK3A5gYN9MXyhyrQ -LM/1yTRYMaskXzywGvOEmfUwyHEuFWQjkILe4B0xXvWJQTOPJd9rvQ9S8lLmqDDK -GMPcyg1VrImrjV01o4o967XbpuX7tuHcEn66kIEDYibCxRPvJwTUSq1Fw2+l993d -C5qZ7R1coEDl5ZGiDOkkd9zenV63HdtwjRJI97NTZxupv5w691YBV1hvKWl7YqxS -1RG9e2OA2UFUYemD/k3GuJF5Syh46mKYbLqGgyC4zmZVCRRL1oECggEBAMLKALGk -vKDj0BGHMRhkdrao03jo7SBVxeiZ9N7kpKNmyKxWD4qpqaKAB3rd6+k5Robzhoyx -Z9HlStnraXQqVvzgYXvUA9kT4igKI3CjNkifCqXyKq+vjFoq7XyvxmJmHm2NoFSO -9ES/6xDzqZ2Qp5VTO/ITIusywMnhrjNexNjRHorAV+vq0uJ8BvXuUVI4BFy3jlzB -gDXMPbWCGPLYN6AaoHl+kykfKASB1tc5pNlmMy/5iDmz7FgbFRFgFf//pSsc4i1h -Efz2fGDAMV82K9ROLPdx+PgCK/HOvdmFRVS0w0hvy3CDrs039E/890UVQN7POLNd -a5k47QkBRG+Tsc0CggEBAPkHW93fS4ma5NN5uhH6YL1yMS5yn3QjtezNRJpvTJCD -vBN+DKiZ7DlIOZtsw5i6GtK4PZYFw6568slS1UHVS6T89PRGrkfyEUQTPu5v81rn -n2hugbd56vldgowy3v5Pbf4lz7EZggfgDJ2qX5NFcxSqvp9/hdCqQys7+JIMbpGQ -FDBvgZiY1Y8MjeeVdrqXtrnwktnLOfucSISBZDaUKBbhlJk7245IIIUlFNWN2YWH -siZYt3PTa4oaOJK7HL7DzqBy0pUCdEi+f+bXKlDBWzEiLjDtUPiyND5orhz/jFiV -AgzYa/siC5NrI7641rsGvtpcKijLJROLS2jmktB4No8CggEATsNnrG00aMo1ZCEK -VRaqegmiGQ32dFC6iedXAJnriLcTBbx25FbeZProC2KY9eFXB1KJYXKKzHCu55ct -OO+15OLGCFAejjRgClivI+ibFppYr+lQIWIWmo8pIHXi/f7U5u+RmR+E3hfMcTpV -p4TKfrL9VlEumXQYSImc6uCzMAi/FNPZuWdmhnYoSmFnOJu2B9ehFRiZQyem/DHy -7J9JPtAFe5sW3lXe1JO7z6NbaRzOLeP0lYCPXMD2r+PugWlZ3Cj9u+O4ZlU0zdpp -HFrHNj22KQhI59/Y7Rnv4njlI+9D15J87K4SjKDHhWCAi8qgRHf+MWjhDT/bePyu -M3/BMQKCAQEAlza7tt8nLBhtCGiq7s29Pmv/pzec0VX52x/Nn4Uj1cDYTHHG1/4X -LbVInbMOlkezj+6mHtnDN8iaclsk+YO+GiIrz8S3gSJhD5gsJ3a9K57n8e7gP3v9 -jYwVgHJHa97paGCnW9+kUIngv0A8Jt4OAien9ovlwo4QmUkiJ/T6ktMNH1gmNnXf -f6xc4pmkbatAHmoRkcRQohMFCcjUBDw0l6hEpkNtj1kGvjKFEyO+SNHcAGLwipl/ -fG1tmtOZodCeQFlYu3ixCZb7bT2MCVtPt2cM61K/TzROevLvftZB72wTwZ8M+oJy -ywJMwzvTz99JtqguRXUNP2/ey4Tu8z17ywKCAQAVEoFsGcmKYy//Gt72UvXu+qLg -rZdJ+X9r/3F2yHfta91KXpnqE8tEiBlgMjG8eHsR0xQj1UM9NWanKDAFYSloFWBN -cEhdMYePLIasI+UDQkotmxmbsbNyME/CYj823HFw79F7c0xkZoYROr/+acygDTPO -GgD+e1k3+CJEPYIz8eu0emKHUi8l7uDHHueW/aq6btvyeorUSZsH+qYqdEfwkkKd -UNjEz0aMYhh0nvIloC3iixwL0J/njC48qJMAIO72rauc6fHTt91JxPIwCAAq5nT+ -cqFigN5MM6JFd7zrguA/7X64EX4u/HmuaYRD/bwmCQLxpMke+s0sjoqQIM5b ------END PRIVATE KEY----- diff --git a/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key.pub b/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key.pub deleted file mode 100644 index c63435762e21..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/tsa_host_key.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC9fBQZbqApDSgvfcXFuqQuU4iQXhSSHtR9EoWFp1LGIPdM3WRZHprm0Tdtq6l+GILldJaw9KIedrTzdOEep4gCgI578Q+hpu9fZhYzPTy35kB2IjRSSsh1Dq9bh1eSob3TnX/3Ne6eTO31Mf9CD8f1N7U3S0ZGsa6WRLR54oM1cz2JSOYoA0+scbfqcw0xL5HrfBjsuhwGQ285Nt0kAb3l1LAyG0/vU81XEyOzB7hN/fMGdPXiqx+zd5ypK2X9v9Y6GUj6YFzcXb13g1S9o9v6kOIuQktrxX/yOy2qUAHsQzFkeCigzmevz1cCs4QJ/3EPeZOKO4OkEfFousvu3MIDfdZ4PbhufsjP/zVLsfgZ5ARqejfF2lbARL3FFcu7IpZHc/XymMgtxLy4eFjjOEp4BA5GrT7Lw5ah+7Zh47BphKLYfA2Z+9MGomeB+4tXbleBRFtnVfxdvGSPT9UIeVwkohL5qj4rqVYDkaEbfQ2LHi8MtME/NzuYjBzcaINa0yoUGvgIXgDP4VE3HYfejMkuWWMnfsyg8b/soRNGQU2mtJt5Pam3/lgLsLuO2u36y8nxVNSsTIeQeJfJgZAdYVIjt5G44EfCvYPfGKKoYvdkc6lB+fmgh8oW+TpkT1wTj/B4hUtsX5fvgDION9P0nDS1T4+cF5h7lbkfSgdfYxmPgw== diff --git a/bitnami/concourse/7/debian-11/concourse_keys/worker_key b/bitnami/concourse/7/debian-11/concourse_keys/worker_key deleted file mode 100644 index 2d31df5655f7..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/worker_key +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJJgIBAAKCAgEAr1HWnQiTBNZx9Tpx9h7kuS8ZskP6473y1ZIg218r718LQ9Gi -fOHirDxxPZuZyabHMuV2ATv46qf9WEYmHngfDiiuUpTTFA397Xc8qt1j2MyB3RTo -l7H5KHvn1xoy+GlIcTlDWuxCFYCgaMl/S4VzN72HVIgV98PkIfRe6I9jseqMeWxE -XGNNkRsShdg6Gqbs6BA+EvYlLfthClSg3h6EjZpe1I3+j+tXKaEX5GBtZpffYxkE -BuhhFVq8nk/5uOyyFItY4Sw8k0a89m8Rp0rKTkrmc0wtg+hYHa9VcIsg0m5prmQd -MnogGSyE4A0TwFLJKJ8iYPyEbRBCy1kwTv/CzXdqzLrOujZRaP28AKNMKWEDsbcu -jLiasIL2s3mxj9KrIafJtLvFbuX/nenh2UgHtLxdN8pDpSBABIP49NlbNmTUbOMx -TRnyVJ36psh+c91MdsMAYBTJs/2lDJkmJbJxjX/PKHM4LRqDUrKDMTT+AKcr/IxX -/BR01xfItsoRhscxjr1Q8gV5u5oR2lccHth2MmXtznr5HG97gMbDZIUdGtDdmg9x -DWHnEZ8+TRilazuMlxPcoJv8vDOzn9rjYf0ZizZ299nYBwY6oop0UGTKresLF+8c -LO6n28emXDs5anxp2G3pWkhOb51bYaTuuzQWqkbcden7HhYUu9zb9hr3ZfcCAwEA -AQKCAgEAmz19Ktm/zQXSLJIO/R+H6k5Bk69MRkMY9nIJdBaGwdPIFspW9fvSii6P -Gz1f5MYwFupGHnurQqVz2Kls8Yft/8yX53numhB1q8LsTmPxGLSlvUzZVBF8jZOB -y99gCMS5J8DL2oPfVEjsQT1C4W2Og2nonjpOMXEc3dAUBhuJ7K3Cq3Xp5mDr+zQc -p7W6ZYUvu6E+Re39KAUyfUJIm8YsG3L4y3/cTDXYnX0OueOEm9aZMJejEDbOWGlb -IVexyUSVv0lQbzqLfOGjSxc4a4j3MHJ0Mt3eY7Hl7IsnvZsEejDYlVoC3IJ1T7Uz -B22s8pybkMOwXm7bF/PRIVydQSaJp4tDihlrKc/7BuLRxmWTa3poTeGW/nA/a/Ar -hoSp86A7002DYyzSCGO49zPCyK8Ix+5FLIQ4Id7n0cB75RkwUU4D3F3sMNpz6mKB -ffGMKAVTAVwdwktyHEOWEKeTFXLEJHE5XmrvXb0LspIAM9hTyLfKiXugA5O7gLeh -jw/llqrcCL4nlNMi/bAN+kyISdPYzCRR1N93xJfWQYl0rySaI8i8lsS26GHdFITa -J6WZ0z1dDp0qxxWXq3uy8wQpkSBA7ybo5eRcc8KwAZ5u1ZS9Z5I5qIaPX+go/b6n -7Z4yCzNPzKuGJK4gZN3eQWhYyird/DCLXo/cdZ8rt10n5xflXzECggEBAOl9UqyY -sxcBhbfy5uFkVfSytGOd9VHR/ytgdqE/Y4eUKYqE3a5It472O05OpuK2Fn7c27sJ -B6Iy4gRnX/xfAstTjiOsM84OFvoXUDs47Zhh5CvZforHBNTeO/0EIrd9LlFPsQVL -GAz+Lh5pc7dwRKhheGSFst6pArERDFszvq6j3fubppjA9gFD8wqirjzQAOx6y+Ll -POPQb19GLXcjjBESuVTlrbzrstJ2JvyY5TZ1eJGx/C3sG48fNaszYbiFv0My7r5Z -0sqquCdGPJW5PofLVqE85iK80Op14KdUz3RvUKRZzI5owie1x9ZzrqMhEyU9rBV/ -xcJsvqz8CFrpSdkCggEBAMA42DRdSL8GPU1F87z3L64izPE4otbbaf9vflCUncEu -jgWw71CNpXYmIWPoOs8myaPET1Ss4lvwZVEmEV3mETTkHMvBOScq2dajQpA+lBDo -5u6gLjD5At88jhZIQRgN4LenmVNVvZXhSmdLawVO8joXxuL5cORiAHUoxZsCOfY/ -P4FmuP9GXdFTOW7YfvLwnl7DvRGKDQd68SYsJLps5/dzLkIhnisyopT5ZVt9+j4j -Pw4XVjWK1S+VCJ0Y692kAKQg+W/UTAykpwJ3UgQx8Qzb4Hu2OwHAVxT6U6UU2Oin -LSqNKEVR/LbY7BclG47NLUx1DkW8iz2kQ25MvXWI/E8CggEALSWOVtEvz8L7mBXf -jrVX6XikaJ6iUK/KJxj/1y3qkMyVO7N1Kb3lwD7cOMf8fNm4f880rXWRhEtSaIeU -h7fXUnlVgpBJdA5FYxYe7VSUnGJRPClRzoOs63wNHV8vV0tdKVu/XsamX9zGDhtV -xKJwpB40qTsw2tzTKGmjef8HX71Prtbp359v8c6xr9zE0/1kMFWOFtE8dNBYuJNZ -NzAoZSS5sTC350+rxAYUg8MMjvsn1QQVPsvoiEQAnJnSy1sRIG04vJWhrI5WDUIH -dOvcq2Ul2wdreEwKGUuxpKlBc8ISVbUHWIHpCMSdX1n+6ov6p7jFDWMnWfCs7cXN -18ZEAQKCAQBf1vfVg/1VYSMHeC1CtmxLgoZ0byyhu9xpw4lTXAYb375oEAQCQd2R -vwk+6vcHeetnf+Wd7mUeOgoKH9Tg4GkL2gCRhtGcOb1LSzNRACKLG9Sofa0KNd28 -uFCPw47RE3pLl4DXEBTqud2DCxNdHjOfy2MaoAwtkr9vqth7pOyJXpenSTRL8yWr -zLcCEWeacWZFEYsfR5mfdSjvQ2s8mDhAJGmYB3L5TtHJPV/P8kvm12QE/pW5NHN+ -uewFh/tyEudO7jHwFAWm+CFdFWkLNmtdYfPXOtDI2sGQcA9sa6yKs2/Nm3vMtEgw -Uo/EKnhHBv3i9SockxlJrrEAObrs81P5AoH/HodLOX6nd0Kpvt2GNfD6ZimPOFAY -HB84IK54xRDgx/i8ahh17GaGE/+ZeBse275sweYcPxl98RDhn8gB1SbJdPR9bEUu -jJjoucecg36qj0jYEQKgYeWFCSDU0DZyIo5t9Sot9LaEvDYloasfzi4bxcJHxOAm -hA1EZPdrsW9qt/5sFIPQp+LI2yEOtCouSvR7O7qmw7KLpFZDs3M/fqUdHbP0Gv6U -0xv52GQqKOnu8FqaBsxops/c/2D2dW/lU3EyVyITZlIcyeVXoVMh+59GdUX0MHJQ -d4vI8DTn9wtSboB/cz5adr/f9QtuS3p4hxXZfcHwi/ReKJ52nTcw2b/d ------END PRIVATE KEY----- diff --git a/bitnami/concourse/7/debian-11/concourse_keys/worker_key.pub b/bitnami/concourse/7/debian-11/concourse_keys/worker_key.pub deleted file mode 100644 index ec3b27111c4c..000000000000 --- a/bitnami/concourse/7/debian-11/concourse_keys/worker_key.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvUdadCJME1nH1OnH2HuS5LxmyQ/rjvfLVkiDbXyvvXwtD0aJ84eKsPHE9m5nJpscy5XYBO/jqp/1YRiYeeB8OKK5SlNMUDf3tdzyq3WPYzIHdFOiXsfkoe+fXGjL4aUhxOUNa7EIVgKBoyX9LhXM3vYdUiBX3w+Qh9F7oj2Ox6ox5bERcY02RGxKF2DoapuzoED4S9iUt+2EKVKDeHoSNml7Ujf6P61cpoRfkYG1ml99jGQQG6GEVWryeT/m47LIUi1jhLDyTRrz2bxGnSspOSuZzTC2D6Fgdr1VwiyDSbmmuZB0yeiAZLITgDRPAUskonyJg/IRtEELLWTBO/8LNd2rMus66NlFo/bwAo0wpYQOxty6MuJqwgvazebGP0qshp8m0u8Vu5f+d6eHZSAe0vF03ykOlIEAEg/j02Vs2ZNRs4zFNGfJUnfqmyH5z3Ux2wwBgFMmz/aUMmSYlsnGNf88oczgtGoNSsoMxNP4Apyv8jFf8FHTXF8i2yhGGxzGOvVDyBXm7mhHaVxwe2HYyZe3Oevkcb3uAxsNkhR0a0N2aD3ENYecRnz5NGKVrO4yXE9ygm/y8M7Of2uNh/RmLNnb32dgHBjqiinRQZMqt6wsX7xws7qfbx6ZcOzlqfGnYbelaSE5vnVthpO67NBaqRtx16fseFhS73Nv2Gvdl9w== diff --git a/bitnami/concourse/7/debian-11/docker-compose.yml b/bitnami/concourse/7/debian-11/docker-compose.yml deleted file mode 100644 index 6d3d35d5cf43..000000000000 --- a/bitnami/concourse/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:15 - environment: - - POSTGRESQL_DATABASE=bitnami_concourse - - POSTGRESQL_USERNAME=bn_concourse - - POSTGRESQL_PASSWORD=bitnami1 - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'postgresql_data:/bitnami/postgresql' - concourse: - image: docker.io/bitnami/concourse:7 - command: concourse web - environment: - - CONCOURSE_RUNTIME=containerd - - CONCOURSE_POSTGRES_DATABASE=bitnami_concourse - - CONCOURSE_POSTGRES_USER=bn_concourse - - CONCOURSE_POSTGRES_PASSWORD=bitnami1 - - CONCOURSE_LOG_LEVEL=debug - - CONCOURSE_POSTGRES_HOST=postgresql - - CONCOURSE_EXTERNAL_URL=http://localhost:8080 - - CONCOURSE_ADD_LOCAL_USER=user:bitnami,guest:guest - - CONCOURSE_MAIN_TEAM_LOCAL_USER=user - - CONCOURSE_CLUSTER_NAME=dev - - CONCOURSE_ENABLE_PIPELINE_INSTANCES=true - - CONCOURSE_ENABLE_ACROSS_STEP=true - - CONCOURSE_ENABLE_CACHE_STREAMED_VOLUMES=true - volumes: - - 'concourse_web_data:/bitnami/concourse' - concourse_worker: - image: docker.io/bitnami/concourse:7 - command: concourse worker - privileged: true - environment: - - CONCOURSE_RUNTIME=containerd - - CONCOURSE_LOG_LEVEL=debug - - CONCOURSE_TSA_HOST=concourse:2222 - - CONCOURSE_BIND_IP=0.0.0.0 - - CONCOURSE_BAGGAGECLAIM_BIND_IP=0.0.0.0 - - CONCOURSE_BAGGAGECLAIM_DRIVER=overlay - - CONCOURSE_CONTAINERD_DNS_PROXY_ENABLE=true - - CONCOURSE_WEB_PUBLIC_DIR=/opt/bitnami/concourse/web/public - - CONCOURSE_WORK_DIR=/opt/bitnami/concourse -volumes: - postgresql_data: - driver: local - concourse_web_data: - driver: local diff --git a/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d797ebc4af5d..000000000000 --- a/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "concourse": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.11.2-2" - } -} \ No newline at end of file diff --git a/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/concourse/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/concourse/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/concourse/7/debian-11/tags-info.yaml b/bitnami/concourse/7/debian-11/tags-info.yaml deleted file mode 100644 index d3ad17ff9eba..000000000000 --- a/bitnami/concourse/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.11.2 -- latest diff --git a/bitnami/configmap-reload/0/debian-11/Dockerfile b/bitnami/configmap-reload/0/debian-11/Dockerfile deleted file mode 100644 index b2eb575da99a..000000000000 --- a/bitnami/configmap-reload/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:55:43Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.12.0-debian-11-r35" \ - org.opencontainers.image.title="configmap-reload" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.12.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "configmap-reload-0.12.0-10-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN ln -sf /opt/bitnami/configmap-reload/bin/configmap-reload /bin/configmap-reload -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.12.0" \ - BITNAMI_APP_NAME="configmap-reload" \ - PATH="/opt/bitnami/configmap-reload/bin:$PATH" - -EXPOSE 8080 - -WORKDIR /opt/bitnami/configmap-reload -USER 1001 -ENTRYPOINT [ "configmap-reload" ] diff --git a/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ea5b61a4bc3a..000000000000 --- a/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "configmap-reload": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.12.0-10" - } -} \ No newline at end of file diff --git a/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/configmap-reload/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/configmap-reload/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/configmap-reload/0/debian-11/tags-info.yaml b/bitnami/configmap-reload/0/debian-11/tags-info.yaml deleted file mode 100644 index e38fc19bff7f..000000000000 --- a/bitnami/configmap-reload/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.12.0 -- latest diff --git a/bitnami/configurable-http-proxy/4/debian-11/Dockerfile b/bitnami/configurable-http-proxy/4/debian-11/Dockerfile deleted file mode 100644 index e141223333ea..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:58:07Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.6.1-debian-11-r24" \ - org.opencontainers.image.title="configurable-http-proxy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.6.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "configurable-http-proxy-4.6.1-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="4.6.1" \ - BITNAMI_APP_NAME="configurable-http-proxy" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/node/bin:/opt/bitnami/configurable-http-proxy/bin:$PATH" - -EXPOSE 3000 - -USER 1001 -ENTRYPOINT [ "configurable-http-proxy" ] diff --git a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 99706e0595ec..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "configurable-http-proxy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.6.1-2" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/configurable-http-proxy/4/debian-11/tags-info.yaml b/bitnami/configurable-http-proxy/4/debian-11/tags-info.yaml deleted file mode 100644 index 1dfeebd960e3..000000000000 --- a/bitnami/configurable-http-proxy/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.6.1 -- latest diff --git a/bitnami/consul-exporter/0/debian-11/Dockerfile b/bitnami/consul-exporter/0/debian-11/Dockerfile deleted file mode 100644 index ff5343a9a506..000000000000 --- a/bitnami/consul-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T22:58:51Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.11.0-debian-11-r25" \ - org.opencontainers.image.title="consul-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.11.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "consul-exporter-0.11.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN ln -sf /opt/bitnami/consul-exporter/bin/consul_exporter /bin/consul_exporter -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.11.0" \ - BITNAMI_APP_NAME="consul-exporter" \ - PATH="/opt/bitnami/consul-exporter/bin:$PATH" - -EXPOSE 9107 - -WORKDIR /opt/bitnami/consul-exporter -USER 1001 -ENTRYPOINT [ "consul_exporter" ] diff --git a/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 62b7dc88ef04..000000000000 --- a/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "consul-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.11.0-5" - } -} \ No newline at end of file diff --git a/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/consul-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/consul-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/consul-exporter/0/debian-11/tags-info.yaml b/bitnami/consul-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index 6bbc3aee39ef..000000000000 --- a/bitnami/consul-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.11.0 -- latest diff --git a/bitnami/consul/1/debian-11/Dockerfile b/bitnami/consul/1/debian-11/Dockerfile deleted file mode 100644 index 6b96c9b821ed..000000000000 --- a/bitnami/consul/1/debian-11/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:19:41Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.17.3-debian-11-r9" \ - org.opencontainers.image.title="consul" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.17.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 procps zlib1g-dev -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "consul-1.17.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/consul/postunpack.sh -ENV APP_VERSION="1.17.3" \ - BITNAMI_APP_NAME="consul" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/consul/bin:$PATH" - -EXPOSE 8300 8301 8500 8600 - -EXPOSE 8301/udp 8600/udp - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/consul/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/consul/run.sh" ] diff --git a/bitnami/consul/1/debian-11/docker-compose.yml b/bitnami/consul/1/debian-11/docker-compose.yml deleted file mode 100644 index 5269e3c6a077..000000000000 --- a/bitnami/consul/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - consul: - image: docker.io/bitnami/consul:1 - volumes: - - consul_data:/bitnami/consul - ports: - - '8300:8300' - - '8301:8301' - - '8301:8301/udp' - - '8500:8500' - - '8600:8600' - - '8600:8600/udp' -volumes: - consul_data: - driver: local diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 502d0d184050..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "consul": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.17.3-1" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - } -} \ No newline at end of file diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/consul/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/consul.json.tpl b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/consul.json.tpl deleted file mode 100755 index 96d1dbf2294c..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/consul.json.tpl +++ /dev/null @@ -1,24 +0,0 @@ -{ - "node_name": "{{CONSUL_NODE_NAME}}", - "datacenter": "{{CONSUL_DATACENTER}}", - "domain": "{{CONSUL_DOMAIN}}", - "data_dir": "{{CONSUL_DATA_DIR}}", - "pid_file": "{{CONSUL_PID_FILE}}", - "ui": {{CONSUL_ENABLE_UI}}, - "bootstrap_expect": {{CONSUL_BOOTSTRAP_EXPECT}}, - "performance": { - "raft_multiplier": {{CONSUL_RAFT_MULTIPLIER}} - }, - "addresses": { - "http": "{{CONSUL_CLIENT_LAN_ADDRESS}}" - }, - "retry_join": ["{{CONSUL_RETRY_JOIN_ADDRESS}}"], - "retry_join_wan": ["{{CONSUL_RETRY_JOIN_WAN_ADDRESS}}"], - "ports": { - "http": {{CONSUL_HTTP_PORT_NUMBER}}, - "dns": {{CONSUL_DNS_PORT_NUMBER}}, - "serf_lan": {{CONSUL_SERF_LAN_PORT_NUMBER}}, - "server": {{CONSUL_RPC_PORT_NUMBER}} - }, - "serf_lan": "{{CONSUL_SERF_LAN_ADDRESS}}" -} diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/encrypt.json.tpl b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/encrypt.json.tpl deleted file mode 100755 index 598009f04a13..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/consul/templates/encrypt.json.tpl +++ /dev/null @@ -1,3 +0,0 @@ -{ - "encrypt": "{{CONSUL_GOSSIP_ENCRYPTION_KEY}}" -} diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul-env.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul-env.sh deleted file mode 100644 index f29e8ba3eb0c..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul-env.sh +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for consul - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-consul}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -consul_env_vars=( - CONSUL_RPC_PORT_NUMBER - CONSUL_HTTP_PORT_NUMBER - CONSUL_DNS_PORT_NUMBER - CONSUL_DNS_PORT_NUMBER - CONSUL_AGENT_MODE - CONSUL_DISABLE_KEYRING_FILE - CONSUL_SERF_LAN_ADDRESS - CONSUL_SERF_LAN_PORT_NUMBER - CONSUL_CLIENT_LAN_ADDRESS - CONSUL_RETRY_JOIN_ADDRESS - CONSUL_RETRY_JOIN_WAN_ADDRESS - CONSUL_BIND_INTERFACE - CONSUL_BIND_ADDR - CONSUL_ENABLE_UI - CONSUL_BOOTSTRAP_EXPECT - CONSUL_RAFT_MULTIPLIER - CONSUL_LOCAL_CONFIG - CONSUL_GOSSIP_ENCRYPTION - CONSUL_GOSSIP_ENCRYPTION_KEY - CONSUL_DATACENTER - CONSUL_DOMAIN - CONSUL_NODE_NAME - CONSUL_DISABLE_HOST_NODE_ID - CONSUL_SERVER_MODE - CONSUL_RETRY_JOIN - CONSUL_UI -) -for env_var in "${consul_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset consul_env_vars - -# Paths -export PATH="${BITNAMI_ROOT_DIR}/common/bin:${PATH}" -export CONSUL_BASE_DIR="${BITNAMI_ROOT_DIR}/consul" -export CONSUL_CONF_DIR="${CONSUL_BASE_DIR}/conf" -export CONSUL_BIN_DIR="${CONSUL_BASE_DIR}/bin" -export CONSUL_CONF_FILE="${CONSUL_CONF_DIR}/consul.json" -export CONSUL_ENCRYPT_FILE="${CONSUL_CONF_DIR}/encrypt.json" -export CONSUL_LOCAL_FILE="${CONSUL_CONF_DIR}/local.json" -export CONSUL_LOG_DIR="${CONSUL_BASE_DIR}/logs" -export CONSUL_LOG_FILE="${CONSUL_LOG_DIR}/consul.log" -export CONSUL_VOLUME_DIR="/bitnami/consul" -export CONSUL_DATA_DIR="${CONSUL_VOLUME_DIR}" -export CONSUL_SSL_DIR="${CONSUL_BASE_DIR}/certificates" -export CONSUL_TMP_DIR="${CONSUL_BASE_DIR}/tmp" -export CONSUL_PID_FILE="${CONSUL_TMP_DIR}/consul.pid" -export CONSUL_TEMPLATES_DIR="${CONSUL_BASE_DIR}/templates" -export CONSUL_CONFIG_TEMPLATE_FILE="${CONSUL_TEMPLATES_DIR}/consul.json.tpl" -export CONSUL_ENCRYPT_TEMPLATE_FILE="${CONSUL_TEMPLATES_DIR}/encrypt.json.tpl" -export CONSUL_LOCAL_TEMPLATE_FILE="${CONSUL_TEMPLATES_DIR}/local.json.tpl" -export CONSUL_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# System users (when running with a privileged user) -export CONSUL_DAEMON_USER="consul" -export CONSUL_SYSTEM_USER="$CONSUL_DAEMON_USER" -export CONSUL_DAEMON_GROUP="consul" -export CONSUL_SYSTEM_GROUP="$CONSUL_DAEMON_GROUP" - -# Consul runtime settings -export CONSUL_RPC_PORT_NUMBER="${CONSUL_RPC_PORT_NUMBER:-8300}" -export CONSUL_HTTP_PORT_NUMBER="${CONSUL_HTTP_PORT_NUMBER:-8500}" -export CONSUL_DNS_PORT_NUMBER="${CONSUL_DNS_PORT_NUMBER:-8600}" -export CONSUL_DNS_PORT_NUMBER="${CONSUL_DNS_PORT_NUMBER:-8600}" -CONSUL_AGENT_MODE="${CONSUL_AGENT_MODE:-"${CONSUL_SERVER_MODE:-}"}" -export CONSUL_AGENT_MODE="${CONSUL_AGENT_MODE:-server}" -export CONSUL_DISABLE_KEYRING_FILE="${CONSUL_DISABLE_KEYRING_FILE:-false}" -export CONSUL_SERF_LAN_ADDRESS="${CONSUL_SERF_LAN_ADDRESS:-0.0.0.0}" -export CONSUL_SERF_LAN_PORT_NUMBER="${CONSUL_SERF_LAN_PORT_NUMBER:-8301}" -export CONSUL_CLIENT_LAN_ADDRESS="${CONSUL_CLIENT_LAN_ADDRESS:-0.0.0.0}" -CONSUL_RETRY_JOIN_ADDRESS="${CONSUL_RETRY_JOIN_ADDRESS:-"${CONSUL_RETRY_JOIN:-}"}" -export CONSUL_RETRY_JOIN_ADDRESS="${CONSUL_RETRY_JOIN_ADDRESS:-127.0.0.1}" -export CONSUL_RETRY_JOIN_WAN_ADDRESS="${CONSUL_RETRY_JOIN_WAN_ADDRESS:-127.0.0.1}" -export CONSUL_BIND_INTERFACE="${CONSUL_BIND_INTERFACE:-}" -export CONSUL_BIND_ADDR="${CONSUL_BIND_ADDR:-}" -CONSUL_ENABLE_UI="${CONSUL_ENABLE_UI:-"${CONSUL_UI:-}"}" -export CONSUL_ENABLE_UI="${CONSUL_ENABLE_UI:-true}" -export CONSUL_BOOTSTRAP_EXPECT="${CONSUL_BOOTSTRAP_EXPECT:-1}" -export CONSUL_RAFT_MULTIPLIER="${CONSUL_RAFT_MULTIPLIER:-1}" -export CONSUL_LOCAL_CONFIG="${CONSUL_LOCAL_CONFIG:-}" -export CONSUL_GOSSIP_ENCRYPTION="${CONSUL_GOSSIP_ENCRYPTION:-no}" -export CONSUL_GOSSIP_ENCRYPTION_KEY="${CONSUL_GOSSIP_ENCRYPTION_KEY:-}" -export CONSUL_DATACENTER="${CONSUL_DATACENTER:-dc1}" -export CONSUL_DOMAIN="${CONSUL_DOMAIN:-consul}" -export CONSUL_NODE_NAME="${CONSUL_NODE_NAME:-}" -export CONSUL_DISABLE_HOST_NODE_ID="${CONSUL_DISABLE_HOST_NODE_ID:-true}" - -# Custom environment variables may be defined below diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/entrypoint.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/entrypoint.sh deleted file mode 100755 index fefaf67d9f4d..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libconsul.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Consul env. variables -. /opt/bitnami/scripts/consul-env.sh - -print_welcome_page - -if [[ "$*" = "/opt/bitnami/scripts/consul/run.sh" ]]; then - info "** Starting Consul setup **" - /opt/bitnami/scripts/consul/setup.sh - info "** Consul setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/postunpack.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/postunpack.sh deleted file mode 100755 index aaa4fdefcfad..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/postunpack.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libconsul.sh - -# Load Consul env. variables -. /opt/bitnami/scripts/consul-env.sh - -for dir in ${CONSUL_CONF_DIR} ${CONSUL_DATA_DIR} ${CONSUL_LOG_DIR} ${CONSUL_TMP_DIR} ${CONSUL_SSL_DIR} ${CONSUL_EXTRA_DIR}; do - ensure_dir_exists "${dir}" - chmod -R g+rwX "${dir}" -done diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/run.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/run.sh deleted file mode 100755 index bb80c60c048a..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/run.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail - -. /opt/bitnami/scripts/libconsul.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Consul env. variables -. /opt/bitnami/scripts/consul-env.sh - -EXEC="${CONSUL_BASE_DIR}/bin/consul" -flags=("agent" "-config-dir" "${CONSUL_CONF_DIR}" "-log-file" "${CONSUL_LOG_FILE}" "-disable-host-node-id=${CONSUL_DISABLE_HOST_NODE_ID}") - -if [[ "${CONSUL_AGENT_MODE}" = "server" ]]; then - flags+=("-server") -fi - -if [[ -n "${CONSUL_BIND_ADDR}" ]]; then - flags+=("-bind" "${CONSUL_BIND_ADDR}") -fi - -info "** Starting Consul **" -if am_i_root; then - exec_as_user "${CONSUL_DAEMON_USER}" "${EXEC}" "${flags[@]}" -else - exec "${EXEC}" "${flags[@]}" -fi diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/setup.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/setup.sh deleted file mode 100755 index cbb3c7776b26..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/consul/setup.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libconsul.sh - -# Load Consul env. variables -. /opt/bitnami/scripts/consul-env.sh - -if am_i_root; then - ensure_user_exists "${CONSUL_DAEMON_USER}" --group "${CONSUL_DAEMON_GROUP}" - chown -R "$CONSUL_DAEMON_USER":"$CONSUL_DAEMON_GROUP" \ - "${CONSUL_CONF_DIR}" "${CONSUL_DATA_DIR}" "${CONSUL_LOG_DIR}" \ - "${CONSUL_TMP_DIR}" "${CONSUL_SSL_DIR}" -fi - -consul_validate -consul_initialize -consul_custom_init_scripts diff --git a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/libconsul.sh b/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/libconsul.sh deleted file mode 100644 index 8d3e465b831f..000000000000 --- a/bitnami/consul/1/debian-11/rootfs/opt/bitnami/scripts/libconsul.sh +++ /dev/null @@ -1,250 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091,SC1090 - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Bitnami Consul library - -######################## -# Validate settings in CONSUL_* env. variables -# Globals: -# CONSUL_* -# Arguments: -# None -# Returns: -# None -######################### -consul_validate() { - info "Validating settings in CONSUL_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_boolean_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - - check_int_value() { - if ! is_int "${!1}"; then - print_validation_error "The value for $1 should be an integer" - fi - } - - check_ip_value() { - if ! validate_ipv4 "${!1}"; then - if ! is_hostname_resolved "${!1}"; then - print_validation_error "The value for $1 should be an IPv4 address or it must be a resolvable hostname" - else - debug "Hostname resolvable for $1" - fi - fi - } - - check_boolean_value CONSUL_ENABLE_UI - check_boolean_value CONSUL_DISABLE_KEYRING_FILE - check_int_value CONSUL_BOOTSTRAP_EXPECT - check_int_value CONSUL_RAFT_MULTIPLIER - check_ip_value CONSUL_RETRY_JOIN_ADDRESS - check_ip_value CONSUL_RETRY_JOIN_WAN_ADDRESS - check_ip_value CONSUL_CLIENT_LAN_ADDRESS - check_ip_value CONSUL_SERF_LAN_ADDRESS - - for var in "CONSUL_RPC_PORT_NUMBER" "CONSUL_HTTP_PORT_NUMBER" "CONSUL_DNS_PORT_NUMBER" "CONSUL_SERF_LAN_PORT_NUMBER"; do - if ! err=$(validate_port -unprivileged "${!var}"); then - print_validation_error "An invalid port was specified in the environment variable $var: $err" - fi - done - - if ! [[ "$CONSUL_AGENT_MODE" =~ ^(client|server)$ ]]; then - print_validation_error "CONSUL_AGENT_MODE must be server or client, provided value: ${CONSUL_AGENT_MODE}" - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Determine the bind IP address for internal cluster communications from the given interface -# Globals: -# CONSUL_BIND_INTERFACE -# Arguments: -# None -# Returns: -# The ip address of the given interface or "" (will be bound to all addresses) -######################## -get_bind_addr() { - if [[ -n "$CONSUL_BIND_INTERFACE" ]]; then - local -r bind_address=$(ip -o -4 addr list "$CONSUL_BIND_INTERFACE" | head -n1 | awk '{print $4}' | cut -d/ -f1) - echo "$bind_address" - fi -} - -######################## -# Create Consul Encryption file -# Globals: -# CONSUL_* -# Arguments: -# None -# Returns: -# None -######################### -consul_configure_encryption() { - # Configure the gossip encryption key - if is_boolean_yes "$CONSUL_GOSSIP_ENCRYPTION"; then - info "Configuring encryption key..." - - if [[ -z ${CONSUL_GOSSIP_ENCRYPTION_KEY} ]]; then - CONSUL_GOSSIP_ENCRYPTION_KEY=$("${CONSUL_BASE_DIR}/bin/consul" "keygen") - fi - - # In case the node name was not set, we automatically set - render-template "${CONSUL_ENCRYPT_TEMPLATE_FILE}" >"${CONSUL_ENCRYPT_FILE}" - fi -} - -######################## -# Initialize Consul service -# Globals: -# CONSUL_* -# Arguments: -# None -# Returns: -# None -######################### -consul_initialize() { - - info "Initializing Consul..." - - if [[ -z "${CONSUL_NODE_NAME:-}" ]]; then - warn "The variable CONSUL_NODE_NAME was not set, defaulting it to the machine ip" - local -r machine_ip="$(get_machine_ip)" - export CONSUL_NODE_NAME="$machine_ip" - fi - - if [[ -n "$CONSUL_BIND_INTERFACE" ]] && [[ -z "${CONSUL_BIND_ADDR:-}" ]]; then - info "CONSUL_BIND_INTERFACE was set to $CONSUL_BIND_INTERFACE and CONSUL_BIND_ADDR was not set, obtaining bind address" - local -r bind_address=$(ip -o -4 addr list "$CONSUL_BIND_INTERFACE" | head -n1 | awk '{print $4}' | cut -d/ -f1) - export CONSUL_BIND_ADDR="$bind_address" - fi - - if is_dir_empty "${CONSUL_DATA_DIR}"; then - info "Deploying consul from scratch..." - else - info "Deploying consul with persisted data..." - fi - - if [[ -f "${CONSUL_CONF_FILE}" ]]; then - info "Configuration files found. Skipping default configuration..." - else - info "No injected configuration files found. Creating default config files..." - debug "Creating main configuration file..." - render-template "${CONSUL_CONFIG_TEMPLATE_FILE}" >"${CONSUL_CONF_FILE}" - fi - - # Create an extra config file with the contents of the CONSUL_LOCAL_CONFIG env var - if [[ -n ${CONSUL_LOCAL_CONFIG} ]]; then - info "Configuring local config..." - cat >"${CONSUL_LOCAL_FILE}" <<<"${CONSUL_LOCAL_CONFIG}" - fi - - consul_configure_encryption -} - -######################## -# Stop Consul -# Globals: -# CONSUL_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -consul_stop() { - ! is_consul_running && return - debug "Stopping Consul..." - stop_service_using_pid "$CONSUL_PID_FILE" -} - -######################## -# Check if Consul is running -# Globals: -# CONSUL_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_consul_running() { - local pid - pid="$(get_pid_from_file "$CONSUL_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Check if Consul is not running -# Globals: -# CONSUL_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_consul_not_running() { - ! is_consul_running - return "$?" -} - -######################## -# Run custom initialization scripts -# Globals: -# CONSUL_* -# Arguments: -# None -# Returns: -# None -######################### -consul_custom_init_scripts() { - if [[ -n $(find "${CONSUL_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $CONSUL_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - find "${CONSUL_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - consul_stop - rm -f "$tmp_file" - else - info "No custom scripts in $CONSUL_INITSCRIPTS_DIR" - fi -} diff --git a/bitnami/consul/1/debian-11/tags-info.yaml b/bitnami/consul/1/debian-11/tags-info.yaml deleted file mode 100644 index c6b2f915ec6f..000000000000 --- a/bitnami/consul/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.17.3 -- latest diff --git a/bitnami/contour/1.25/debian-11/Dockerfile b/bitnami/contour/1.25/debian-11/Dockerfile deleted file mode 100644 index 51e572ac310b..000000000000 --- a/bitnami/contour/1.25/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:04:17Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.25.3-debian-11-r30" \ - org.opencontainers.image.title="contour" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.25.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "contour-1.25.3-8-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/contour/bin/contour /bin/contour - -ENV APP_VERSION="1.25.3" \ - BITNAMI_APP_NAME="contour" \ - PATH="/opt/bitnami/contour/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "contour" ] diff --git a/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 92fe55aa2cfa..000000000000 --- a/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "contour": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.3-8" - } -} \ No newline at end of file diff --git a/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/contour/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/contour/1.25/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/contour/1.25/debian-11/tags-info.yaml b/bitnami/contour/1.25/debian-11/tags-info.yaml deleted file mode 100644 index 8be9a3c1fffe..000000000000 --- a/bitnami/contour/1.25/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.25" -- 1.25-debian-11 -- 1.25.3 diff --git a/bitnami/contour/1.26/debian-11/Dockerfile b/bitnami/contour/1.26/debian-11/Dockerfile deleted file mode 100644 index f2f3b7b23d53..000000000000 --- a/bitnami/contour/1.26/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:07:33Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.26.2-debian-11-r11" \ - org.opencontainers.image.title="contour" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.26.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "contour-1.26.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/contour/bin/contour /bin/contour - -ENV APP_VERSION="1.26.2" \ - BITNAMI_APP_NAME="contour" \ - PATH="/opt/bitnami/contour/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "contour" ] diff --git a/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c750baa09191..000000000000 --- a/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "contour": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.26.2-1" - } -} \ No newline at end of file diff --git a/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/contour/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/contour/1.26/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/contour/1.26/debian-11/tags-info.yaml b/bitnami/contour/1.26/debian-11/tags-info.yaml deleted file mode 100644 index d2f5c507748f..000000000000 --- a/bitnami/contour/1.26/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.26" -- 1.26-debian-11 -- 1.26.2 diff --git a/bitnami/contour/1.27/debian-11/Dockerfile b/bitnami/contour/1.27/debian-11/Dockerfile deleted file mode 100644 index 771439a7d2c0..000000000000 --- a/bitnami/contour/1.27/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:11:01Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.27.1-debian-11-r11" \ - org.opencontainers.image.title="contour" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.27.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "contour-1.27.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/contour/bin/contour /bin/contour - -ENV APP_VERSION="1.27.1" \ - BITNAMI_APP_NAME="contour" \ - PATH="/opt/bitnami/contour/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "contour" ] diff --git a/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 152ac3d113aa..000000000000 --- a/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "contour": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.27.1-1" - } -} \ No newline at end of file diff --git a/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/contour/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/contour/1.27/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/contour/1.27/debian-11/tags-info.yaml b/bitnami/contour/1.27/debian-11/tags-info.yaml deleted file mode 100644 index 17e650ea57bf..000000000000 --- a/bitnami/contour/1.27/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1.27" -- 1.27-debian-11 -- 1.27.1 -- latest diff --git a/bitnami/cosign/2/debian-11/Dockerfile b/bitnami/cosign/2/debian-11/Dockerfile deleted file mode 100644 index 3f1695b2f6e3..000000000000 --- a/bitnami/cosign/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:18:06Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.2.3-debian-11-r21" \ - org.opencontainers.image.title="cosign" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.2.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "cosign-2.2.3-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir -p "/cosign-keys" && chmod -R 777 "/cosign-keys" -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir "/.docker" && chmod g+rwX "/.docker" -RUN mkdir "/.sigstore" && chmod g+rwX "/.sigstore" - -ENV APP_VERSION="2.2.3" \ - BITNAMI_APP_NAME="cosign" \ - PATH="/opt/bitnami/cosign/bin:$PATH" - -WORKDIR /cosign-keys -USER 1001 -ENTRYPOINT [ "cosign" ] -CMD [ "--help" ] diff --git a/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6a643dae561e..000000000000 --- a/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cosign": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.2.3-2" - } -} \ No newline at end of file diff --git a/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/cosign/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/cosign/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/cosign/2/debian-11/tags-info.yaml b/bitnami/cosign/2/debian-11/tags-info.yaml deleted file mode 100644 index 7b92fcdee728..000000000000 --- a/bitnami/cosign/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.2.3 -- latest diff --git a/bitnami/couchdb/3/debian-11/Dockerfile b/bitnami/couchdb/3/debian-11/Dockerfile deleted file mode 100644 index fc75fb18852a..000000000000 --- a/bitnami/couchdb/3/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:23:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.3.3-debian-11-r24" \ - org.opencontainers.image.title="couchdb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.3.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 libicu67 libssl1.1 libstdc++6 libtinfo6 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "erlang-25.3.2-9-1-linux-${OS_ARCH}-debian-11" \ - "couchdb-3.3.3-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/couchdb/postunpack.sh -ENV APP_VERSION="3.3.3" \ - BITNAMI_APP_NAME="couchdb" \ - LD_LIBRARY_PATH="/opt/bitnami/common/lib:$LD_LIBRARY_PATH" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/erlang/bin:/opt/bitnami/couchdb/bin:$PATH" - -VOLUME [ "/bitnami/couchdb" ] - -EXPOSE 4369 5984 9100 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/couchdb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/couchdb/run.sh" ] diff --git a/bitnami/couchdb/3/debian-11/docker-compose.yml b/bitnami/couchdb/3/debian-11/docker-compose.yml deleted file mode 100644 index 7e0472eda2c3..000000000000 --- a/bitnami/couchdb/3/debian-11/docker-compose.yml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - couchdb: - image: docker.io/bitnami/couchdb:3 - environment: - - COUCHDB_USER=admin - - COUCHDB_PASSWORD=couchdb - ports: - - '5984:5984' - - '4369:4369' - - '9100:9100' - volumes: - - couchdb_data:/bitnami/couchdb -volumes: - couchdb_data: - driver: local diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 38968aa97fc7..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "couchdb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.3.3-3" - }, - "erlang": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "25.3.2-9-1" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/couchdb/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/couchdb/etc/default.d/10-bitnami.ini b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/couchdb/etc/default.d/10-bitnami.ini deleted file mode 100644 index 15b8b2a5b056..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/couchdb/etc/default.d/10-bitnami.ini +++ /dev/null @@ -1,11 +0,0 @@ -[couchdb] -database_dir=/bitnami/couchdb/data -view_index_dir=/bitnami/couchdb/data - -[chttpd] -port=5984 -bind_address=0.0.0.0 - -[httpd] -; Prevent changes in the configuration via the config API so the changes are not lost after a restart/redeploy -config_whitelist=[{httpd,config_whitelist}] diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb-env.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb-env.sh deleted file mode 100644 index 1305df60eccf..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb-env.sh +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for couchdb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-couchdb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -couchdb_env_vars=( - COUCHDB_NODENAME - COUCHDB_PORT_NUMBER - COUCHDB_CLUSTER_PORT_NUMBER - COUCHDB_BIND_ADDRESS - COUCHDB_CREATE_DATABASES - COUCHDB_USER - COUCHDB_PASSWORD - COUCHDB_SECRET -) -for env_var in "${couchdb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset couchdb_env_vars - -# Paths -export COUCHDB_BASE_DIR="${BITNAMI_ROOT_DIR}/couchdb" -export COUCHDB_VOLUME_DIR="/bitnami/couchdb" -export COUCHDB_BIN_DIR="${COUCHDB_BASE_DIR}/bin" -export COUCHDB_CONF_DIR="${COUCHDB_BASE_DIR}/etc" -export COUCHDB_CONF_FILE="${COUCHDB_CONF_DIR}/default.d/10-bitnami.ini" -export COUCHDB_DATA_DIR="${COUCHDB_VOLUME_DIR}/data" - -# System users (when running with a privileged user) -export COUCHDB_DAEMON_USER="couchdb" -export COUCHDB_DAEMON_GROUP="couchdb" -export PATH="${COUCHDB_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# CouchDB settings -export COUCHDB_NODENAME="${COUCHDB_NODENAME:-}" -export COUCHDB_PORT_NUMBER="${COUCHDB_PORT_NUMBER:-}" -export COUCHDB_CLUSTER_PORT_NUMBER="${COUCHDB_CLUSTER_PORT_NUMBER:-}" -export COUCHDB_BIND_ADDRESS="${COUCHDB_BIND_ADDRESS:-}" -export COUCHDB_CREATE_DATABASES="${COUCHDB_CREATE_DATABASES:-yes}" -export COUCHDB_USER="${COUCHDB_USER:-admin}" -export COUCHDB_PASSWORD="${COUCHDB_PASSWORD:-couchdb}" -export COUCHDB_SECRET="${COUCHDB_SECRET:-bitnami}" - -# Custom environment variables may be defined below diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/entrypoint.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/entrypoint.sh deleted file mode 100755 index 5d3f012791e7..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libcouchdb.sh - -# Load environment -. /opt/bitnami/scripts/couchdb-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/couchdb/run.sh"* ]]; then - info "** Starting CouchDB setup **" - /opt/bitnami/scripts/couchdb/setup.sh - info "** CouchDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/postunpack.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/postunpack.sh deleted file mode 100755 index 4ae51d727606..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/postunpack.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libcouchdb.sh - -# Load environment -. /opt/bitnami/scripts/couchdb-env.sh - -# Ensure directories used by CouchDB exist -for dir in "$COUCHDB_DATA_DIR" "$COUCHDB_CONF_DIR" "$(dirname "$COUCHDB_CONF_FILE")"; do - ensure_dir_exists "$dir" -done - -# Add default configuration to vm.args -echo -e "\n# Set a well-known cluster port" >> "${COUCHDB_CONF_DIR}/vm.args" -couchdb_vm_args_set "-kernel inet_dist_listen_min" "9100" -couchdb_vm_args_set "-kernel inet_dist_listen_max" "9100" -couchdb_vm_args_set "-name" "couchdb@127.0.0.1" - -# Ensure directories used by CouchDB have proper permissions -for dir in "$COUCHDB_DATA_DIR" "$COUCHDB_CONF_DIR"; do - chmod -R g+rwX "$dir" -done diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/run.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/run.sh deleted file mode 100755 index 2ae85bd9c827..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/run.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libcouchdb.sh - -# Load environment -. /opt/bitnami/scripts/couchdb-env.sh - -info "** Starting CouchDB **" -if am_i_root; then - exec_as_user "$COUCHDB_DAEMON_USER" "${COUCHDB_BIN_DIR}/couchdb" -else - exec "${COUCHDB_BIN_DIR}/couchdb" -fi diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/setup.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/setup.sh deleted file mode 100755 index 61461be74512..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/couchdb/setup.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libcouchdb.sh - -# Load environment -. /opt/bitnami/scripts/couchdb-env.sh - -# Ensure CouchDB environment variables are valid -couchdb_validate -# Ensure CouchDB user and group exist when running as 'root' -if am_i_root; then - info "Creating CouchDB daemon user" - ensure_user_exists "$COUCHDB_DAEMON_USER" --group "$COUCHDB_DAEMON_GROUP" -fi -# Ensure directories used by CouchDB exist and have proper ownership and permissions -for dir in "$COUCHDB_DATA_DIR" "$COUCHDB_CONF_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${COUCHDB_DAEMON_USER}:${COUCHDB_DAEMON_GROUP}" "$dir" -done -# Ensure CouchDB is initialized -couchdb_initialize diff --git a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/libcouchdb.sh b/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/libcouchdb.sh deleted file mode 100644 index 2aa06b51f768..000000000000 --- a/bitnami/couchdb/3/debian-11/rootfs/opt/bitnami/scripts/libcouchdb.sh +++ /dev/null @@ -1,269 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami CouchDB library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Validate settings in COUCHDB_* env vars -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_validate() { - local error_code=0 - debug "Validating settings in COUCHDB_* env vars..." - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_password_file() { - if ! is_empty_value "${!1:-}" && ! [[ -f "${!1:-}" ]]; then - print_validation_error "The variable $1 is defined but the file ${!1} is not accessible or does not exist." - fi - } - - # CouchDB secret files validations - check_password_file COUCHDB_PASSWORD_FILE - check_password_file COUCHDB_SECRET_FILE - - # CouchDB authentication validations - if is_boolean_yes "${ALLOW_ANONYMOUS_LOGIN:-}"; then - print_validation_error "The usage of 'ALLOW_ANONYMOUS_LOGIN' is deprecated. Please, specify a password for the admin user '${COUCHDB_USER}' by setting the 'COUCHDB_PASSWORD' environment variable." - elif ! is_empty_value "${ALLOW_ANONYMOUS_LOGIN:-}"; then - warn "The usage of 'ALLOW_ANONYMOUS_LOGIN' is deprecated. It won't be taken into account." - fi - if [[ "$COUCHDB_PASSWORD" = "couchdb" ]]; then - warn "You set the environment variable COUCHDB_PASSWORD=couchdb. This is the default value when bootstrapping CouchDB and should not be used in production environments." - fi - - # CouchDB port validations - for p in COUCHDB_PORT_NUMBER COUCHDB_CLUSTER_PORT_NUMBER; do - if ! is_empty_value "${!p}" && ! err=$(validate_port -unprivileged "${!p}"); then - print_validation_error "An invalid port was specified in the environment variable ${p}: ${err}" - fi - done - - # CouchDB create database validations - if ! is_yes_no_value "$COUCHDB_CREATE_DATABASES"; then - print_validation_error "The allowed values for COUCHDB_CREATE_DATABASES are [yes, no]" - fi - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Ensure CouchDB is initialized -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_initialize() { - info "Initializing CouchDB..." - if [[ -w "$COUCHDB_CONF_FILE" ]]; then - info "Updating '${COUCHDB_CONF_FILE}' based on user configuration..." - couchdb_update_conf_file - else - warn "'${COUCHDB_CONF_FILE}' is not writable by the current user. Skipping modifications..." - fi - if [[ -w "${COUCHDB_CONF_DIR}/vm.args" ]]; then - info "Updating '${COUCHDB_CONF_DIR}/vm.args' based on user configuration..." - couchdb_update_vm_args_file - else - warn "'${COUCHDB_CONF_DIR}/vm.args' is not writable by the current user. Skipping modifications..." - fi - - if is_dir_empty "$COUCHDB_DATA_DIR"; then - info "Deploying CouchDB from scratch" - if is_boolean_yes "$COUCHDB_CREATE_DATABASES"; then - couchdb_start_bg - couchdb_create_initial_databases - couchdb_stop - fi - else - info "Deploying CouchDB with persisted data" - fi -} - -######################## -# Update the CouchDB configuration file with the user inputs -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_update_conf_file() { - is_empty_value "$COUCHDB_PORT_NUMBER" || couchdb_conf_set "chttpd" "port" "$COUCHDB_PORT_NUMBER" - is_empty_value "$COUCHDB_BIND_ADDRESS" || couchdb_conf_set "chttpd" "bind_address" "$COUCHDB_BIND_ADDRESS" - couchdb_conf_set "admins" "$COUCHDB_USER" "$COUCHDB_PASSWORD" "${COUCHDB_CONF_DIR}/local.ini" - couchdb_conf_set "chttpd" "require_valid_user" "true" - couchdb_conf_set "couch_httpd_auth" "require_valid_user" "true" - couchdb_conf_set "httpd" "WWW-Authenticate" 'Basic realm="administrator"' - is_empty_value "$COUCHDB_SECRET" || couchdb_conf_set "couch_httpd_auth" "secret" "$COUCHDB_SECRET" -} - -######################## -# Update the Erlang configuration file with the user inputs -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_update_vm_args_file() { # TODO Confirm that works - couchdb_vm_args_set "-name" "$COUCHDB_NODENAME" - couchdb_vm_args_set "-kernel inet_dist_listen_min" "$COUCHDB_CLUSTER_PORT_NUMBER" - couchdb_vm_args_set "-kernel inet_dist_listen_max" "$COUCHDB_CLUSTER_PORT_NUMBER" - couchdb_vm_args_set "-setcookie" "$COUCHDB_SECRET" -} - -######################## -# Set property in the Erlang configuration file -# Globals: -# COUCHDB_* -# Arguments: -# - key -# - value -# Returns: -# None -######################### -couchdb_vm_args_set() { - local -r key="${1:?key is required}" - local -r value="${2:-}" - local vm_args_content - - if ! is_empty_value "$value"; then - if grep -q -E "^\s*${key}\s+.*$" "${COUCHDB_CONF_DIR}/vm.args"; then - vm_args_content="$(sed -E "s/^\s*${key}\s+.*$/${key} ${value}/" "${COUCHDB_CONF_DIR}/vm.args")" - echo "$vm_args_content" >"${COUCHDB_CONF_DIR}/vm.args" - else - echo "${key} ${value}" >>"${COUCHDB_CONF_DIR}/vm.args" - fi - fi -} - -######################## -# Set property in the configuration file -# Globals: -# COUCHDB_* -# Arguments: -# $1 - section -# $2 - key -# $3 - value -# $4 - file -# Returns: -# None -######################### -couchdb_conf_set() { - local -r section="${1:?section is required}" - local -r key="${2:?key is required}" - local -r value="${3:?value is required}" - local -r file="${4:-${COUCHDB_CONF_FILE}}" - - ini-file set --section "$section" --key "$key" --value "$value" "$file" -} - -######################## -# Start CouchDB in background mode and waits until it's ready -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_start_bg() { - info "Starting CouchDB in background..." - local start_command=("${COUCHDB_BIN_DIR}/couchdb") - am_i_root && start_command=("run_as_user" "$COUCHDB_DAEMON_USER" "${start_command[@]}") - debug_execute "${start_command[@]}" & - wait-for-port "${COUCHDB_PORT_NUMBER:-5984}" - wait-for-port "${COUCHDB_CLUSTER_PORT_NUMBER:-9100}" -} - -######################## -# Stop CouchDB -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_stop() { - info "Stopping CouchDB..." - pkill --full --signal TERM "$COUCHDB_BASE_DIR" - wait-for-port --state free "${COUCHDB_PORT_NUMBER:-5984}" - wait-for-port --state free "${COUCHDB_CLUSTER_PORT_NUMBER:-9100}" -} - -######################## -# Create initial databases for CouchDB -# Globals: -# COUCHDB_* -# Arguments: -# None -# Returns: -# None -######################### -couchdb_create_initial_databases() { - info "Creating initial databases..." - for db in _users _replicator _global_changes; do - local query=("curl" "--request" "PUT" "http://127.0.0.1:${COUCHDB_PORT_NUMBER:-5984}/${db}" "--user" "${COUCHDB_USER}:${COUCHDB_PASSWORD}") - debug "Creating database '${db}'" - debug_execute "${query[@]}" - done -} - -######################## -# Check if CouchDB is running -# Globals: -# COUCHDB_PID_FILE -# Arguments: -# None -# Returns: -# Whether CouchDB is running -######################## -is_couchdb_running() { - local pid - pid="$(get_pid_from_file "$COUCHDB_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if CouchDB is not running -# Globals: -# COUCHDB_PID_FILE -# Arguments: -# None -# Returns: -# Whether CouchDB is not running -######################## -is_couchdb_not_running() { - ! is_couchdb_running -} diff --git a/bitnami/couchdb/3/debian-11/tags-info.yaml b/bitnami/couchdb/3/debian-11/tags-info.yaml deleted file mode 100644 index 12f725a4aaef..000000000000 --- a/bitnami/couchdb/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.3.3 -- latest diff --git a/bitnami/deepspeed/0/debian-11/Dockerfile b/bitnami/deepspeed/0/debian-11/Dockerfile deleted file mode 100644 index 5e934906787f..000000000000 --- a/bitnami/deepspeed/0/debian-11/Dockerfile +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T00:50:50Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.13.2-debian-11-r13" \ - org.opencontainers.image.title="deepspeed" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.13.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git jq libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgomp1 libgssapi-krb5-2 libjemalloc2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 libuuid1 numactl openssh-server pkg-config procps unzip zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "python-3.10.13-15-linux-${OS_ARCH}-debian-11" \ - "deepspeed-0.13.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root deepspeed -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /.local && chmod g+rwX /.local - -COPY rootfs / -RUN mkdir /app /.cache && mkdir -p /home/deepspeed/.local && mkdir -p /home/deepspeed/.ssh && mkdir /home/deepspeed/.cache && ln -s /home/deepspeed/.local /opt/bitnami/deepspeed && ln -s /home/deepspeed/.ssh /opt/bitnami/deepspeed && ln -s /home/deepspeed/.cache /opt/bitnami/deepspeed && chmod g+rwX /app /.cache /home/deepspeed/.cache /home/deepspeed/.local -ENV APP_VERSION="0.13.2" \ - BITNAMI_APP_NAME="deepspeed" \ - CFLAGS="-s -I/opt/bitnami/python/include -I/opt/bitnami/common/include" \ - CPLUS_INCLUDE_PATH="/opt/bitnami/common/include" \ - CPPFLAGS="-I/opt/bitnami/python/include -I/opt/bitnami/common/include" \ - C_INCLUDE_PATH="/opt/bitnami/common/include" \ - LDFLAGS="-Wl,-rpath: /opt/bitnami/python/lib -L/opt/bitnami/python/lib -Wl,-rpath: /opt/bitnami/common/lib -L/opt/bitnami/common/lib" \ - LD_LIBRARY_PATH="/opt/bitnami/python/lib:/opt/bitnami/common/lib:${LD_LIBRARY_PATH}" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/python/bin:$PATH" \ - TRITON_CACHE_DIR="/opt/bitnami/deepspeed" - -WORKDIR /app -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/deepspeed/entrypoint.sh" ] -CMD [ "python" ] diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index cfdd017464e2..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "deepspeed": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.13.2-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.10.13-15" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - } -} \ No newline at end of file diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/deepspeed/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_group b/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_group deleted file mode 100644 index bcb285303fa8..000000000000 --- a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_group +++ /dev/null @@ -1 +0,0 @@ -deepspeed:x:0: diff --git a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_passwd b/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_passwd deleted file mode 100644 index 01fe077121ff..000000000000 --- a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/deepspeed/nss-wrapper/nss_passwd +++ /dev/null @@ -1 +0,0 @@ -deepspeed:x:1001:0:deepspeed:/opt/bitnami/deepspeed:/bin/false diff --git a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/scripts/deepspeed/entrypoint.sh b/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/scripts/deepspeed/entrypoint.sh deleted file mode 100755 index ae107820a37a..000000000000 --- a/bitnami/deepspeed/0/debian-11/rootfs/opt/bitnami/scripts/deepspeed/entrypoint.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Set nss_wrapper vars only when running as non-root -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="deepspeed" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - if [[ "$HOME" == "/" ]]; then - export HOME=/home/deepspeed - fi - echo "deepspeed:x:$(id -u):$(id -g):deepspeed:${HOME}:/bin/sh" >"$NSS_WRAPPER_PASSWD" - echo "deepspeed:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -echo "" -[[ "$#" -eq 0 ]] || exec "$@" diff --git a/bitnami/deepspeed/0/debian-11/tags-info.yaml b/bitnami/deepspeed/0/debian-11/tags-info.yaml deleted file mode 100644 index 5acc5c5ce125..000000000000 --- a/bitnami/deepspeed/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.13.2 -- latest diff --git a/bitnami/dex/2/debian-11/Dockerfile b/bitnami/dex/2/debian-11/Dockerfile deleted file mode 100644 index a466bb810810..000000000000 --- a/bitnami/dex/2/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:24:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.38.0-debian-11-r20" \ - org.opencontainers.image.title="dex" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.38.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dex-2.38.0-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root dex -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.38.0" \ - BITNAMI_APP_NAME="dex" \ - DEX_FRONTEND_DIR="/opt/bitnami/dex/web" \ - PATH="/opt/bitnami/dex/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/dex/bin/dex" ] diff --git a/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4c2b114fbd17..000000000000 --- a/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dex": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.38.0-2" - } -} \ No newline at end of file diff --git a/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dex/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dex/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dex/2/debian-11/tags-info.yaml b/bitnami/dex/2/debian-11/tags-info.yaml deleted file mode 100644 index 01233ede6663..000000000000 --- a/bitnami/dex/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.38.0 -- latest diff --git a/bitnami/discourse/3/debian-11/Dockerfile b/bitnami/discourse/3/debian-11/Dockerfile deleted file mode 100644 index ffb75302ce9c..000000000000 --- a/bitnami/discourse/3/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-17T03:51:38Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.2.0-debian-11-r2" \ - org.opencontainers.image.title="discourse" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.2.0" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl advancecomp ca-certificates curl file gifsicle git hostname imagemagick jhead jpegoptim libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libedit2 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg-turbo-progs libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libmd0 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libp11-kit0 libpcre2-8-0 libpq5 libpsl5 libreadline-dev libreadline8 librtmp1 libsasl2-2 libsqlite3-0 libssh2-1 libssl-dev libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 libyaml-0-2 libyaml-dev optipng pngcrush pngquant procps rsync sqlite3 zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "ruby-3.2.3-1-linux-${OS_ARCH}-debian-11" \ - "postgresql-client-16.2.0-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "brotli-1.1.0-1-linux-${OS_ARCH}-debian-11" \ - "discourse-3.2.0-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN /opt/bitnami/ruby/bin/gem install --force bundler -v '< 2' - -COPY rootfs / -RUN /opt/bitnami/scripts/discourse/postunpack.sh -ENV APP_VERSION="3.2.0" \ - BITNAMI_APP_NAME="discourse" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/ruby/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/node/bin:/opt/bitnami/brotli/bin:/opt/bitnami/discourse/app/assets/javascripts/node_modules/ember-cli/bin:$PATH" - -EXPOSE 3000 - -ENTRYPOINT [ "/opt/bitnami/scripts/discourse/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/discourse/run.sh" ] diff --git a/bitnami/discourse/3/debian-11/docker-compose.yml b/bitnami/discourse/3/debian-11/docker-compose.yml deleted file mode 100644 index cd0fbac68f00..000000000000 --- a/bitnami/discourse/3/debian-11/docker-compose.yml +++ /dev/null @@ -1,69 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:16 - volumes: - - 'postgresql_data:/bitnami/postgresql' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - POSTGRESQL_USERNAME=bn_discourse - - POSTGRESQL_DATABASE=bitnami_discourse - redis: - image: docker.io/bitnami/redis:7.0 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'redis_data:/bitnami/redis' - discourse: - image: docker.io/bitnami/discourse:3 - ports: - - '80:3000' - volumes: - - 'discourse_data:/bitnami/discourse' - depends_on: - - postgresql - - redis - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - DISCOURSE_HOST=www.example.com - - DISCOURSE_DATABASE_HOST=postgresql - - DISCOURSE_DATABASE_PORT_NUMBER=5432 - - DISCOURSE_DATABASE_USER=bn_discourse - - DISCOURSE_DATABASE_NAME=bitnami_discourse - - DISCOURSE_REDIS_HOST=redis - - DISCOURSE_REDIS_PORT_NUMBER=6379 - - POSTGRESQL_CLIENT_POSTGRES_USER=postgres - - POSTGRESQL_CLIENT_CREATE_DATABASE_NAME=bitnami_discourse - - POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS=hstore,pg_trgm - sidekiq: - image: docker.io/bitnami/discourse:3 - depends_on: - - discourse - volumes: - - 'sidekiq_data:/bitnami/discourse' - command: /opt/bitnami/scripts/discourse-sidekiq/run.sh - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - DISCOURSE_HOST=www.example.com - - DISCOURSE_DATABASE_HOST=postgresql - - DISCOURSE_DATABASE_PORT_NUMBER=5432 - - DISCOURSE_DATABASE_USER=bn_discourse - - DISCOURSE_DATABASE_NAME=bitnami_discourse - - DISCOURSE_REDIS_HOST=redis - - DISCOURSE_REDIS_PORT_NUMBER=6379 -volumes: - postgresql_data: - driver: local - redis_data: - driver: local - discourse_data: - driver: local - sidekiq_data: - driver: local diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e307e395a052..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "brotli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.1.0-1" - }, - "discourse": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.2.0-0" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "postgresql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.2.0-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "ruby": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.2.3-1" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/discourse/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-env.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-env.sh deleted file mode 100644 index 68ed47747e10..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-env.sh +++ /dev/null @@ -1,178 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for discourse - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-discourse}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -discourse_env_vars=( - DISCOURSE_DATA_TO_PERSIST - DISCOURSE_ENABLE_HTTPS - DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER - DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER - DISCOURSE_HOST - DISCOURSE_PORT_NUMBER - DISCOURSE_SKIP_BOOTSTRAP - DISCOURSE_SITE_NAME - DISCOURSE_ENV - DISCOURSE_PRECOMPILE_ASSETS - DISCOURSE_ENABLE_CONF_PERSISTENCE - DISCOURSE_EXTRA_CONF_CONTENT - DISCOURSE_PASSENGER_SPAWN_METHOD - DISCOURSE_PASSENGER_EXTRA_FLAGS - DISCOURSE_USERNAME - DISCOURSE_PASSWORD - DISCOURSE_EMAIL - DISCOURSE_FIRST_NAME - DISCOURSE_LAST_NAME - DISCOURSE_SMTP_HOST - DISCOURSE_SMTP_PORT_NUMBER - DISCOURSE_SMTP_USER - DISCOURSE_SMTP_PASSWORD - DISCOURSE_SMTP_PROTOCOL - DISCOURSE_SMTP_AUTH - DISCOURSE_SMTP_OPEN_TIMEOUT - DISCOURSE_SMTP_READ_TIMEOUT - DISCOURSE_DATABASE_HOST - DISCOURSE_DATABASE_PORT_NUMBER - DISCOURSE_DATABASE_NAME - DISCOURSE_DATABASE_USER - DISCOURSE_DATABASE_PASSWORD - DISCOURSE_DB_BACKUP_HOST - DISCOURSE_DB_BACKUP_PORT - DISCOURSE_REDIS_HOST - DISCOURSE_REDIS_PORT_NUMBER - DISCOURSE_REDIS_PASSWORD - DISCOURSE_REDIS_USE_SSL - DISCOURSE_HOSTNAME - DISCOURSE_SKIP_INSTALL - SMTP_HOST - SMTP_PORT - DISCOURSE_SMTP_PORT - SMTP_USER - SMTP_PASSWORD - SMTP_PROTOCOL - SMTP_AUTH - POSTGRESQL_HOST - POSTGRESQL_PORT_NUMBER - DISCOURSE_POSTGRESQL_NAME - DISCOURSE_POSTGRESQL_USERNAME - DISCOURSE_POSTGRESQL_PASSWORD - REDIS_HOST - REDIS_PORT_NUMBER - REDIS_PASSWORD - REDIS_USE_SSL -) -for env_var in "${discourse_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset discourse_env_vars - -# Paths -export DISCOURSE_BASE_DIR="${BITNAMI_ROOT_DIR}/discourse" -export DISCOURSE_CONF_FILE="${DISCOURSE_BASE_DIR}/config/discourse.conf" -export PATH="${BITNAMI_ROOT_DIR}/common/bin:${BITNAMI_ROOT_DIR}/brotli/bin:${BITNAMI_ROOT_DIR}/git/bin:${PATH}" -export YARN_CACHE_FOLDER="${DISCOURSE_BASE_DIR}/tmp/cache" - -# Discourse persistence configuration -export DISCOURSE_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/discourse" -export DISCOURSE_DATA_TO_PERSIST="${DISCOURSE_DATA_TO_PERSIST:-plugins public/backups public/uploads}" - -# System users (when running with a privileged user) -export DISCOURSE_DAEMON_USER="discourse" -export DISCOURSE_DAEMON_GROUP="discourse" - -# Discourse configuration -export DISCOURSE_ENABLE_HTTPS="${DISCOURSE_ENABLE_HTTPS:-no}" -export DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER="${DISCOURSE_EXTERNAL_HTTP_PORT_NUMBER:-80}" -export DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER="${DISCOURSE_EXTERNAL_HTTPS_PORT_NUMBER:-443}" -DISCOURSE_HOST="${DISCOURSE_HOST:-"${DISCOURSE_HOSTNAME:-}"}" -export DISCOURSE_HOST="${DISCOURSE_HOST:-www.example.com}" -export DISCOURSE_PORT_NUMBER="${DISCOURSE_PORT_NUMBER:-3000}" -DISCOURSE_SKIP_BOOTSTRAP="${DISCOURSE_SKIP_BOOTSTRAP:-"${DISCOURSE_SKIP_INSTALL:-}"}" -export DISCOURSE_SKIP_BOOTSTRAP="${DISCOURSE_SKIP_BOOTSTRAP:-}" # only used during the first initialization -export DISCOURSE_SITE_NAME="${DISCOURSE_SITE_NAME:-My site!}" # only used during the first initialization -export DISCOURSE_ENV="${DISCOURSE_ENV:-production}" -export DISCOURSE_PRECOMPILE_ASSETS="${DISCOURSE_PRECOMPILE_ASSETS:-yes}" -export DISCOURSE_ENABLE_CONF_PERSISTENCE="${DISCOURSE_ENABLE_CONF_PERSISTENCE:-no}" -export DISCOURSE_EXTRA_CONF_CONTENT="${DISCOURSE_EXTRA_CONF_CONTENT:-yes}" -export DISCOURSE_PASSENGER_SPAWN_METHOD="${DISCOURSE_PASSENGER_SPAWN_METHOD:-direct}" -export DISCOURSE_PASSENGER_EXTRA_FLAGS="${DISCOURSE_PASSENGER_EXTRA_FLAGS:-}" - -# Discourse credentials -export DISCOURSE_USERNAME="${DISCOURSE_USERNAME:-user}" # only used during the first initialization -export DISCOURSE_PASSWORD="${DISCOURSE_PASSWORD:-bitnami123}" # only used during the first initialization -export DISCOURSE_EMAIL="${DISCOURSE_EMAIL:-user@example.com}" # only used during the first initialization -export DISCOURSE_FIRST_NAME="${DISCOURSE_FIRST_NAME:-UserName}" # only used during the first initialization -export DISCOURSE_LAST_NAME="${DISCOURSE_LAST_NAME:-LastName}" # only used during the first initialization - -# Discourse SMTP credentials -DISCOURSE_SMTP_HOST="${DISCOURSE_SMTP_HOST:-"${SMTP_HOST:-}"}" -export DISCOURSE_SMTP_HOST="${DISCOURSE_SMTP_HOST:-}" -DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}" -DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-"${DISCOURSE_SMTP_PORT:-}"}" -export DISCOURSE_SMTP_PORT_NUMBER="${DISCOURSE_SMTP_PORT_NUMBER:-}" -DISCOURSE_SMTP_USER="${DISCOURSE_SMTP_USER:-"${SMTP_USER:-}"}" -export DISCOURSE_SMTP_USER="${DISCOURSE_SMTP_USER:-}" -DISCOURSE_SMTP_PASSWORD="${DISCOURSE_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}" -export DISCOURSE_SMTP_PASSWORD="${DISCOURSE_SMTP_PASSWORD:-}" -DISCOURSE_SMTP_PROTOCOL="${DISCOURSE_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}" -export DISCOURSE_SMTP_PROTOCOL="${DISCOURSE_SMTP_PROTOCOL:-}" -DISCOURSE_SMTP_AUTH="${DISCOURSE_SMTP_AUTH:-"${SMTP_AUTH:-}"}" -export DISCOURSE_SMTP_AUTH="${DISCOURSE_SMTP_AUTH:-login}" -export DISCOURSE_SMTP_OPEN_TIMEOUT="${DISCOURSE_SMTP_OPEN_TIMEOUT:-}" -export DISCOURSE_SMTP_READ_TIMEOUT="${DISCOURSE_SMTP_READ_TIMEOUT:-}" - -# Database configuration -export DISCOURSE_DEFAULT_DATABASE_HOST="postgresql" # only used at build time -DISCOURSE_DATABASE_HOST="${DISCOURSE_DATABASE_HOST:-"${POSTGRESQL_HOST:-}"}" -export DISCOURSE_DATABASE_HOST="${DISCOURSE_DATABASE_HOST:-$DISCOURSE_DEFAULT_DATABASE_HOST}" -DISCOURSE_DATABASE_PORT_NUMBER="${DISCOURSE_DATABASE_PORT_NUMBER:-"${POSTGRESQL_PORT_NUMBER:-}"}" -export DISCOURSE_DATABASE_PORT_NUMBER="${DISCOURSE_DATABASE_PORT_NUMBER:-5432}" -DISCOURSE_DATABASE_NAME="${DISCOURSE_DATABASE_NAME:-"${DISCOURSE_POSTGRESQL_NAME:-}"}" -export DISCOURSE_DATABASE_NAME="${DISCOURSE_DATABASE_NAME:-bitnami_discourse}" -DISCOURSE_DATABASE_USER="${DISCOURSE_DATABASE_USER:-"${DISCOURSE_POSTGRESQL_USERNAME:-}"}" -export DISCOURSE_DATABASE_USER="${DISCOURSE_DATABASE_USER:-bn_discourse}" -DISCOURSE_DATABASE_PASSWORD="${DISCOURSE_DATABASE_PASSWORD:-"${DISCOURSE_POSTGRESQL_PASSWORD:-}"}" -export DISCOURSE_DATABASE_PASSWORD="${DISCOURSE_DATABASE_PASSWORD:-}" -export DISCOURSE_DB_BACKUP_HOST="${DISCOURSE_DB_BACKUP_HOST:-$DISCOURSE_DATABASE_HOST}" -export DISCOURSE_DB_BACKUP_PORT="${DISCOURSE_DB_BACKUP_PORT:-$DISCOURSE_DATABASE_PORT_NUMBER}" - -# Redis configuration -export DISCOURSE_DEFAULT_REDIS_HOST="redis" # only used at build time -DISCOURSE_REDIS_HOST="${DISCOURSE_REDIS_HOST:-"${REDIS_HOST:-}"}" -export DISCOURSE_REDIS_HOST="${DISCOURSE_REDIS_HOST:-$DISCOURSE_DEFAULT_REDIS_HOST}" -DISCOURSE_REDIS_PORT_NUMBER="${DISCOURSE_REDIS_PORT_NUMBER:-"${REDIS_PORT_NUMBER:-}"}" -export DISCOURSE_REDIS_PORT_NUMBER="${DISCOURSE_REDIS_PORT_NUMBER:-6379}" -DISCOURSE_REDIS_PASSWORD="${DISCOURSE_REDIS_PASSWORD:-"${REDIS_PASSWORD:-}"}" -export DISCOURSE_REDIS_PASSWORD="${DISCOURSE_REDIS_PASSWORD:-}" -DISCOURSE_REDIS_USE_SSL="${DISCOURSE_REDIS_USE_SSL:-"${REDIS_USE_SSL:-}"}" -export DISCOURSE_REDIS_USE_SSL="${DISCOURSE_REDIS_USE_SSL:-no}" - -# Custom environment variables may be defined below diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh deleted file mode 100755 index a952aa4a96de..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/run.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libdiscourse.sh - -cd "$DISCOURSE_BASE_DIR" - -# Based on https://github.com/discourse/discourse/blob/master/bin/docker/sidekiq -START_CMD=( - "bundle" "exec" "sidekiq" - "-q" "critical" "-q" "low" "-q" "default" "-q" "ultra_low" # Queues; the order is important - "-e" "$DISCOURSE_ENV" -) - -info "** Starting Sidekiq **" -if am_i_root; then - exec_as_user "$DISCOURSE_DAEMON_USER" "${START_CMD[@]}" "$@" -else - exec "${START_CMD[@]}" "$@" -fi diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/setup.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/setup.sh deleted file mode 100755 index f3d3acf8c135..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse-sidekiq/setup.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load PostgreSQL Client environment for 'postgresql_remote_execute' (after 'discourse-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/postgresql-client-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-client-env.sh -elif [[ -f /opt/bitnami/scripts/postgresql-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libdiscourse.sh -. /opt/bitnami/scripts/libdiscoursesidekiq.sh - -# Ensure Discourse environment variables are valid -discourse_validate - -# Ensure Discourse is initialized -discourse_sidekiq_initialize diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/entrypoint.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/entrypoint.sh deleted file mode 100755 index 034372f2ffcf..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/discourse/run.sh" ]]; then - /opt/bitnami/scripts/postgresql-client/setup.sh - /opt/bitnami/scripts/discourse/setup.sh - /post-init.sh - info "** Discourse setup finished! **" -elif [[ "$1" = "/opt/bitnami/scripts/discourse-sidekiq/run.sh" ]]; then - /opt/bitnami/scripts/discourse-sidekiq/setup.sh - /post-init.sh - info "** Sidekiq setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/postunpack.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/postunpack.sh deleted file mode 100755 index 3aea1bb3ac86..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/postunpack.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load libraries -. /opt/bitnami/scripts/libdiscourse.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -# Ensure the Discourse base directory exists and has proper permissions -info "Configuring file permissions for Discourse" -ensure_user_exists "$DISCOURSE_DAEMON_USER" --group "$DISCOURSE_DAEMON_GROUP" --system -# The backups and uploads directories are created at runtime after persistence logic, making it fail, so we create them here -declare -a writable_dirs=( - # Skipping DISCOURSE BASE_DIR intentionally because it contains a lot of files/folders that should not be writable - "$DISCOURSE_VOLUME_DIR" - # Folders to persist - "${DISCOURSE_BASE_DIR}/plugins" - "${DISCOURSE_BASE_DIR}/public/backups" - "${DISCOURSE_BASE_DIR}/public/uploads" - # Folders that need to be writable for the app to work - "${DISCOURSE_BASE_DIR}/app/assets" - "${DISCOURSE_BASE_DIR}/log" - "${DISCOURSE_BASE_DIR}/public" - "${DISCOURSE_BASE_DIR}/tmp" - "/home/${DISCOURSE_DAEMON_USER}" - # Avoid Bundle usage warnings by creating a .bundler folder in the home directory - "$(su "$DISCOURSE_DAEMON_USER" -s "$SHELL" -c "echo ~/.bundle")" -) -for dir in "${writable_dirs[@]}"; do - ensure_dir_exists "$dir" - # Use daemon:root ownership for compatibility when running as a non-root user - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$DISCOURSE_DAEMON_USER" -g "root" -done - -# Gem 'sprockets' purposely includes a broken symlink, which causes permissions change to fail -# We need to remove the broken symlink for chown to succeed -find "${DISCOURSE_BASE_DIR}/vendor/bundle/ruby" -wholename "*/sprockets-*/test/fixtures/errors/symlink" -type l -exec rm -f {} \; - -# Required for running as non-root users, for persistence logic to work properly -# Using g+rwx/g+rw instead of explicit 775/664 permissions because Discourse includes executable binaries in different subfolders -configure_permissions_ownership "$DISCOURSE_BASE_DIR" -d "g+rwx" -f "g+rw" -u "$DISCOURSE_DAEMON_USER" -g "root" diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/run.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/run.sh deleted file mode 100755 index 4e879de3b4e0..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/run.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libdiscourse.sh - -cd "$DISCOURSE_BASE_DIR" - -declare -a cmd=( - "bundle" "exec" "passenger" "start" - "--user" "$DISCOURSE_DAEMON_USER" - "-e" "$DISCOURSE_ENV" - "-p" "$DISCOURSE_PORT_NUMBER" - "--spawn-method" "$DISCOURSE_PASSENGER_SPAWN_METHOD" -) - -# Append extra flags specified via environment variables -if [[ -n "$DISCOURSE_PASSENGER_EXTRA_FLAGS" ]]; then - declare -a passenger_extra_flags - read -r -a passenger_extra_flags <<< "$DISCOURSE_PASSENGER_EXTRA_FLAGS" - [[ "${#passenger_extra_flags[@]}" -gt 0 ]] && cmd+=("${passenger_extra_flags[@]}") -fi - -info "** Starting Discourse **" -exec "${cmd[@]}" "$@" diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/setup.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/setup.sh deleted file mode 100755 index b8f55b79be75..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/setup.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load PostgreSQL Client environment for 'postgresql_remote_execute' (after 'discourse-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/postgresql-client-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-client-env.sh -elif [[ -f /opt/bitnami/scripts/postgresql-env.sh ]]; then - . /opt/bitnami/scripts/postgresql-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libdiscourse.sh - -# Ensure Discourse environment variables are valid -discourse_validate - -# Ensure Discourse is initialized -discourse_initialize diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/updatehost.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/updatehost.sh deleted file mode 100755 index 9bad6ec5677e..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/discourse/updatehost.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Discourse environment -. /opt/bitnami/scripts/discourse-env.sh - -# Load libraries -. /opt/bitnami/scripts/libdiscourse.sh - -# If DISCOURSE_HOST is not provided via user-data, force value from CLI args -if [[ -z "$DISCOURSE_HOST" || "$DISCOURSE_HOST" = "www.example.com" ]]; then - DISCOURSE_DOMAIN="${1:?missing host}" -else - DISCOURSE_DOMAIN="$DISCOURSE_HOST" -fi - -info "Updating configuration file" -discourse_set_hostname "$DISCOURSE_DOMAIN" diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh deleted file mode 100644 index c88fc65e57cc..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libdiscourse.sh +++ /dev/null @@ -1,461 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Discourse library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libservice.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libpostgresqlclient.sh ]]; then - . /opt/bitnami/scripts/libpostgresqlclient.sh -elif [[ -f /opt/bitnami/scripts/libpostgresql.sh ]]; then - . /opt/bitnami/scripts/libpostgresql.sh -fi - -######################## -# Validate settings in DISCOURSE_* env vars -# Globals: -# DISCOURSE_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -discourse_validate() { - debug "Validating settings in DISCOURSE_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_password_length() { - local password_var="${1:?missing password_var}" - local length="${2:?missing length}" - local password="${!1}" - if [[ "${#password}" -lt "$length" ]]; then - print_validation_error "${password_var} must be at least ${length} characters" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Warn users in case the configuration file is not writable - is_file_writable "$DISCOURSE_CONF_FILE" || warn "The Discourse configuration file '${DISCOURSE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file." - - # Validate user inputs - check_empty_value "DISCOURSE_HOST" - check_multi_value "DISCOURSE_ENV" "development production test" - check_multi_value "DISCOURSE_PASSENGER_SPAWN_METHOD" "direct smart" - check_password_length "DISCOURSE_PASSWORD" 10 - ! is_empty_value "$DISCOURSE_ENABLE_HTTPS" && check_yes_no_value "DISCOURSE_ENABLE_HTTPS" - ! is_empty_value "$DISCOURSE_SKIP_BOOTSTRAP" && check_yes_no_value "DISCOURSE_SKIP_BOOTSTRAP" - ! is_empty_value "$DISCOURSE_DATABASE_HOST" && check_resolved_hostname "$DISCOURSE_DATABASE_HOST" - ! is_empty_value "$DISCOURSE_DATABASE_PORT_NUMBER" && check_valid_port "DISCOURSE_DATABASE_PORT_NUMBER" - ! is_empty_value "$DISCOURSE_REDIS_HOST" && check_resolved_hostname "$DISCOURSE_REDIS_HOST" - ! is_empty_value "$DISCOURSE_REDIS_PORT_NUMBER" && check_valid_port "DISCOURSE_REDIS_PORT_NUMBER" - ! is_empty_value "$DISCOURSE_REDIS_USE_SSL" && check_yes_no_value "DISCOURSE_REDIS_USE_SSL" - if ! is_file_writable "$DISCOURSE_CONF_FILE"; then - warn "The Discourse configuration file ${DISCOURSE_CONF_FILE} is not writable. Configurations specified via environment variables will not be applied to this file." - is_boolean_yes "$DISCOURSE_ENABLE_CONF_PERSISTENCE" && warn "The DISCOURSE_ENABLE_CONF_PERSISTENCE configuration is enabled but the ${DISCOURSE_CONF_FILE} file is not writable. The file will not be persisted." - fi - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - else - # Do not throw an error yet, since the option did not exist before and it would break upgrades - for empty_env_var in "DISCOURSE_DATABASE_PASSWORD" "DISCOURSE_REDIS_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Validate SMTP credentials - if ! is_empty_value "$DISCOURSE_SMTP_HOST"; then - for empty_env_var in "DISCOURSE_SMTP_USER" "DISCOURSE_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - is_empty_value "$DISCOURSE_SMTP_PORT_NUMBER" && print_validation_error "The DISCOURSE_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$DISCOURSE_SMTP_PORT_NUMBER" && check_valid_port "DISCOURSE_SMTP_PORT_NUMBER" - ! is_empty_value "$DISCOURSE_SMTP_PROTOCOL" && check_multi_value "DISCOURSE_SMTP_PROTOCOL" "ssl tls" - check_multi_value "DISCOURSE_SMTP_AUTH" "plain login cram_md5" - fi - - return "$error_code" -} - -######################## -# Ensure Discourse is initialized -# Globals: -# DISCOURSE_* -# Arguments: -# None -# Returns: -# None -######################### -discourse_initialize() { - local -a postgresql_remote_execute_args=("$DISCOURSE_DATABASE_HOST" "$DISCOURSE_DATABASE_PORT_NUMBER" "$DISCOURSE_DATABASE_NAME" "$DISCOURSE_DATABASE_USER" "$DISCOURSE_DATABASE_PASSWORD") - - if ! is_dir_empty "${DISCOURSE_BASE_DIR}/mounted-conf"; then - info "Detected mounted configuration files, copying to Discourse config directory" - cp -r "${DISCOURSE_BASE_DIR}/mounted-conf/"* "$DISCOURSE_CONF_DIR" - fi - - if is_file_writable "$DISCOURSE_CONF_FILE"; then - if is_boolean_yes "$DISCOURSE_ENABLE_CONF_PERSISTENCE"; then - DISCOURSE_DATA_TO_PERSIST+=" ${DISCOURSE_CONF_FILE}" - # Avoid restarts causing config file recreation due to symlink still being present - rm -f "$DISCOURSE_CONF_FILE" - fi - info "Creating Discourse configuration file" - discourse_create_conf_file - fi - - # Check if Discourse has already been initialized and persisted in a previous run - local -r app_name="discourse" - if ! is_app_initialized "$app_name"; then - # Ensure Discourse persisted directories exist (i.e. when a volume has been mounted to /bitnami) - info "Ensuring Discourse directories exist" - ensure_dir_exists "$DISCOURSE_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$DISCOURSE_VOLUME_DIR" -d "775" -f "664" -u "$DISCOURSE_DAEMON_USER" -g "root" - - info "Trying to connect to the database server" - discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}" - - # The below steps are used to install Discourse, based on the below installation template: - # https://github.com/discourse/discourse_docker/blob/master/templates/web.template.yml - # Some things like auto-updates for plugins and themes are intentionally skipped since pre-installation is not yet supported - - # Populate database - info "Populating database" - discourse_rake_execute db:migrate - - if is_boolean_yes "$DISCOURSE_SKIP_BOOTSTRAP"; then - info "An already initialized Discourse database was provided, configuration will be skipped" - else - info "Creating admin user" - discourse_ensure_admin_user_exists "$DISCOURSE_USERNAME" "$DISCOURSE_PASSWORD" "$DISCOURSE_EMAIL" "${DISCOURSE_FIRST_NAME} ${DISCOURSE_LAST_NAME}" - fi - - info "Persisting Discourse installation" - persist_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST" - else - info "Restoring persisted Discourse installation" - restore_persisted_app "$app_name" "$DISCOURSE_DATA_TO_PERSIST" - - info "Trying to connect to the database server" - discourse_wait_for_postgresql_connection "${postgresql_remote_execute_args[@]}" - - info "Running database migrations" - discourse_rake_execute db:migrate - fi - - # Set execution permissions to ember's binary (required for assets precompile) - # Add symlink to discourse/bin for simplicity - chmod +x "${DISCOURSE_BASE_DIR}/app/assets/javascripts/node_modules/ember-cli/bin/ember" - ln -sf "${DISCOURSE_BASE_DIR}/app/assets/javascripts/node_modules/ember-cli/bin/ember" "${DISCOURSE_BASE_DIR}/bin/ember" - if is_boolean_yes "$DISCOURSE_PRECOMPILE_ASSETS"; then - info "Precompiling assets, this may take some time..." - discourse_rake_execute assets:precompile - else - # The precompilation of CSS assets also populates the 'stylesheet_cache' table, requiring also a DB connection - # And since the DB is not available at build time, it is impossible to build CSS assets at build time - # Note: The info log is intentionally misleading, to avoid confusion for users when disabling DISCOURSE_PRECOMPILE_ASSETS - info "Populating CSS cache in database" - discourse_rake_execute assets:precompile:css - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add or modify an entry in the Discourse configuration file -# Globals: -# DISCOURSE_* -# Arguments: -# $1 - Variable name -# $2 - Value to assign to the variable -# Returns: -# None -######################### -discourse_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:-}" - debug "Setting ${key} to '${value}' in Discourse configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=\s*(.*)" - local entry="${key} = ${value}" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$DISCOURSE_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$DISCOURSE_CONF_FILE" "$sanitized_pattern" "$entry" - else - echo "$entry" >> "$DISCOURSE_CONF_FILE" - fi -} - -######################## -# Create and populate the Discourse configuration for the current environment -# Globals: -# DISCOURSE_* -# Arguments: -# None -# Returns: -# None -######################### -discourse_create_conf_file() { - # Based on: https://github.com/discourse/discourse/blob/master/config/discourse_defaults.conf - touch "$DISCOURSE_CONF_FILE" - discourse_set_hostname "$DISCOURSE_HOST" - # Database credentials - discourse_conf_set "db_host" "$DISCOURSE_DATABASE_HOST" - discourse_conf_set "db_port" "$DISCOURSE_DATABASE_PORT_NUMBER" - discourse_conf_set "db_username" "$DISCOURSE_DATABASE_USER" - discourse_conf_set "db_password" "$DISCOURSE_DATABASE_PASSWORD" - discourse_conf_set "db_name" "$DISCOURSE_DATABASE_NAME" - # Database backup settings - discourse_conf_set "db_backup_host" "$DISCOURSE_DB_BACKUP_HOST" - discourse_conf_set "db_backup_port" "$DISCOURSE_DB_BACKUP_PORT" - # Redis credentials - discourse_conf_set "redis_host" "$DISCOURSE_REDIS_HOST" - discourse_conf_set "redis_port" "$DISCOURSE_REDIS_PORT_NUMBER" - discourse_conf_set "redis_password" "$DISCOURSE_REDIS_PASSWORD" - is_boolean_yes "$DISCOURSE_REDIS_USE_SSL" && discourse_conf_set "redis_use_ssl" true - # SMTP credentials - if ! is_empty_value "$DISCOURSE_SMTP_HOST"; then - info "Enabling SMTP" - discourse_conf_set "smtp_address" "$DISCOURSE_SMTP_HOST" - discourse_conf_set "smtp_port" "$DISCOURSE_SMTP_PORT_NUMBER" - discourse_conf_set "smtp_user_name" "$DISCOURSE_SMTP_USER" - discourse_conf_set "smtp_password" "$DISCOURSE_SMTP_PASSWORD" - discourse_conf_set "smtp_enable_start_tls" "$([[ "$DISCOURSE_SMTP_PROTOCOL" = "tls" ]] && echo "true" || echo "false")" - discourse_conf_set "smtp_authentication" "$DISCOURSE_SMTP_AUTH" - ! is_empty_value "$DISCOURSE_SMTP_OPEN_TIMEOUT" && discourse_conf_set "smtp_open_timeout" "$DISCOURSE_SMTP_OPEN_TIMEOUT" - ! is_empty_value "$DISCOURSE_SMTP_READ_TIMEOUT" && discourse_conf_set "smtp_read_timeout" "$DISCOURSE_SMTP_READ_TIMEOUT" - fi - # Extra configuration - ! is_empty_value "$DISCOURSE_EXTRA_CONF_CONTENT" && echo "$DISCOURSE_EXTRA_CONF_CONTENT" >> "$DISCOURSE_CONF_FILE" -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -discourse_wait_for_postgresql_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_postgresql_connection() { - echo "SELECT 1" | postgresql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_postgresql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Wait until Redis is accessible -# Globals: -# * -# Arguments: -# $1 - Redis host -# $2 - Redis port -# Returns: -# true if the Redis connection succeeded, false otherwise -######################### -discourse_wait_for_redis_connection() { - local -r redis_host="${1:?missing Redis host}" - local -r redis_port="${2:?missing Redis port}" - if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${redis_host} ${redis_port}"; then - error "Could not connect to Redis" - return 1 - fi -} - -######################## -# Executes Bundler with the proper environment and the specified arguments and print result to stdout -# Globals: -# DISCOURSE_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -discourse_bundle_execute_print_output() { - # Avoid creating unnecessary cache files at initialization time - local -a cmd=("bundle" "exec" "$@") - # Run as application user to avoid having to change permissions/ownership afterwards - am_i_root && cmd=("run_as_user" "$DISCOURSE_DAEMON_USER" "${cmd[@]}") - ( - export RAILS_ENV="$DISCOURSE_ENV" - cd "$DISCOURSE_BASE_DIR" || false - "${cmd[@]}" - ) -} - -######################## -# Executes Bundler with the proper environment and the specified arguments -# Globals: -# DISCOURSE_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -discourse_bundle_execute() { - debug_execute discourse_bundle_execute_print_output "$@" -} - -######################## -# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments and print result to stdout -# Globals: -# DISCOURSE_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -discourse_rake_execute_print_output() { - discourse_bundle_execute_print_output "rake" "$@" -} - -######################## -# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments -# Globals: -# DISCOURSE_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -discourse_rake_execute() { - debug_execute discourse_rake_execute_print_output "$@" -} - -######################## -# Executes the commands specified via stdin in the Rails console for Discourse -# Globals: -# DISCOURSE_* -# Arguments: -# None -# Returns: -# None -######################### -discourse_console_execute() { - local rails_cmd - rails_cmd="$( "$DISCOURSE_SIDEKIQ_PID_FILE" - - pid="$(get_pid_from_file "$DISCOURSE_SIDEKIQ_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if sidekiq daemons are not running -# Arguments: -# None -# Returns: -# Boolean -######################### -discourse_is_sidekiq_not_running() { - ! discourse_is_sidekiq_running -} - -######################## -# Stop sidekiq daemons -# Arguments: -# None -# Returns: -# None -######################### -discourse_sidekiq_stop() { - ! discourse_is_sidekiq_running && return - stop_service_using_pid "$DISCOURSE_SIDEKIQ_PID_FILE" -} diff --git a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh b/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh deleted file mode 100644 index 0c921ff1d2ef..000000000000 --- a/bitnami/discourse/3/debian-11/rootfs/opt/bitnami/scripts/libpostgresqlclient.sh +++ /dev/null @@ -1,424 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PostgreSQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in POSTGRESQL_CLIENT_* environment variables -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_validate() { - info "Validating settings in POSTGRESQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - - # Only validate environment variables if any action needs to be performed - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && [[ -z "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - fi - # When enabling extensions, the DB name must be provided - local -a extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - if [[ "${#database_names[@]}" -le 0 && "${#extensions[@]}" -gt 0 ]]; then - print_validation_error "POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS requires POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES to be set." - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# POSTGRESQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -postgresql_client_initialize() { - local -a database_names - read -r -a database_names <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_NAMES")" - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" || "${#database_names[@]}" -gt 0 ]]; then - info "Trying to connect to the database server" - check_postgresql_connection() { - echo "SELECT 1" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - } - if ! retry_while "check_postgresql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]]; then - info "Creating database user ${POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME}" - local -a args=("$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD") - postgresql_ensure_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ "${#database_names[@]}" -gt 0 ]]; then - local -a createdb_args extensions - read -r -a extensions <<< "$(tr ',;' ' ' <<< "$POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS")" - for database_name in "${database_names[@]}"; do - info "Creating database ${database_name}" - createdb_args=("$database_name" "--host" "$POSTGRESQL_CLIENT_DATABASE_HOST" "--port" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME" ]] && createdb_args+=("-u" "$POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME") - postgresql_ensure_database_exists "${createdb_args[@]}" - # Ensure the list of extensions are enabled in the specified database - if [[ "${#extensions[@]}" -gt 0 ]]; then - for extension_to_create in "${extensions[@]}"; do - echo "CREATE EXTENSION IF NOT EXISTS ${extension_to_create}" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "$database_name" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - done - fi - done - fi - # Execute a custom SQL script - if [[ -n "$POSTGRESQL_CLIENT_EXECUTE_SQL" ]]; then - info "Executing custom SQL script" - echo "$POSTGRESQL_CLIENT_EXECUTE_SQL" | postgresql_remote_execute "$POSTGRESQL_CLIENT_DATABASE_HOST" "$POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER" "postgres" "$POSTGRESQL_CLIENT_POSTGRES_USER" "$POSTGRESQL_CLIENT_POSTGRES_PASSWORD" - fi - # Avoid exit code of previous commands to affect the result of this function - true -} - -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC2148 - -######################## -# Return PostgreSQL major version -# Globals: -# POSTGRESQL_* -# Arguments: -# None -# Returns: -# String -######################### -postgresql_get_major_version() { - psql --version | grep -oE "[0-9]+\.[0-9]+" | grep -oE "^[0-9]+" -} - -######################## -# Gets an environment variable name based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var_value() { - local env_var_suffix="${1:?missing suffix}" - local env_var_name - for env_var_prefix in POSTGRESQL POSTGRESQL_CLIENT; do - env_var_name="${env_var_prefix}_${env_var_suffix}" - if [[ -n "${!env_var_name:-}" ]]; then - echo "${!env_var_name}" - break - fi - done -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service and print the output -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-postgres}" - local -r pass="${3:-}" - local opts - read -r -a opts <<<"${@:4}" - - local args=("-U" "$user" "-p" "${POSTGRESQL_PORT_NUMBER:-5432}") - [[ -n "$db" ]] && args+=("-d" "$db") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - - # Execute the Query/queries from stdin - PGPASSWORD=$pass psql "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against the running PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# POSTGRESQL_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra options (eg. -tA) -# Returns: -# None -######################### -postgresql_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_execute_print_output" "$@" 2>/dev/null - else - "postgresql_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute_print_output() { - local -r hostname="${1:?hostname is required}" - local -r port="${2:?port is required}" - local -a args=("-h" "$hostname" "-p" "$port") - shift 2 - "postgresql_execute_print_output" "$@" "${args[@]}" -} - -######################## -# Execute an arbitrary query/queries against a remote PostgreSQL service -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Remote PostgreSQL service hostname -# $2 - Remote PostgreSQL service port -# $3 - Database where to run the queries -# $4 - User to run queries -# $5 - Password -# $6 - Extra options (eg. -tA) -# Returns: -# None -postgresql_remote_execute() { - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" - elif [[ "${NO_ERRORS:-false}" = true ]]; then - "postgresql_remote_execute_print_output" "$@" 2>/dev/null - else - "postgresql_remote_execute_print_output" "$@" >/dev/null 2>&1 - fi -} - -######################## -# Optionally create the given database user -# Flags: -# -p|--password - database password -# --host - database host -# --port - database port -# Arguments: -# $1 - user -# Returns: -# None -######################### -postgresql_ensure_user_exists() { - local -r user="${1:?user is missing}" - local password="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p | --password) - shift - password="${1:?missing password}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" <&2 - return 1 - ;; - esac - shift - done - - local -a postgresql_execute_cmd=("postgresql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && postgresql_execute_cmd=("postgresql_remote_execute" "$db_host" "$db_port") - local -a postgresql_execute_flags=("postgres" "$(get_env_var_value POSTGRES_USER)" "$(get_env_var_value POSTGRES_PASSWORD)") - - "${postgresql_execute_cmd[@]}" "${postgresql_execute_flags[@]}" < "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki-env.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki-env.sh deleted file mode 100644 index 7bcea444ccd9..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki-env.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for dokuwiki - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-dokuwiki}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -dokuwiki_env_vars=( - DOKUWIKI_DATA_TO_PERSIST - DOKUWIKI_USERNAME - DOKUWIKI_FULL_NAME - DOKUWIKI_EMAIL - DOKUWIKI_PASSWORD - DOKUWIKI_WIKI_NAME -) -for env_var in "${dokuwiki_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset dokuwiki_env_vars - -# Paths -export DOKUWIKI_BASE_DIR="${BITNAMI_ROOT_DIR}/dokuwiki" - -# DokuWiki persistence configuration -export DOKUWIKI_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/dokuwiki" -export DOKUWIKI_DATA_TO_PERSIST="${DOKUWIKI_DATA_TO_PERSIST:-data conf lib/plugins lib/tpl lib/images/smileys/local lib/images/interwiki}" - -# DokuWiki configuration -export DOKUWIKI_USERNAME="${DOKUWIKI_USERNAME:-user}" -export DOKUWIKI_FULL_NAME="${DOKUWIKI_FULL_NAME:-FirstName LastName}" -export DOKUWIKI_EMAIL="${DOKUWIKI_EMAIL:-user@example.com}" -export DOKUWIKI_PASSWORD="${DOKUWIKI_PASSWORD:-bitnami1}" -export DOKUWIKI_WIKI_NAME="${DOKUWIKI_WIKI_NAME:-Bitnami DokuWiki}" - -# PHP configuration -export PHP_DEFAULT_MEMORY_LIMIT="256M" # only used at build time - -# Custom environment variables may be defined below diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/entrypoint.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/entrypoint.sh deleted file mode 100755 index 0fbc05256f2d..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/entrypoint.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load DokuWiki environment -. /opt/bitnami/scripts/dokuwiki-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libwebserver.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/$(web_server_type)/run.sh" || "$1" = "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then - info "** Starting DokuWiki setup **" - /opt/bitnami/scripts/"$(web_server_type)"/setup.sh - /opt/bitnami/scripts/php/setup.sh - /opt/bitnami/scripts/dokuwiki/setup.sh - /post-init.sh - info "** DokuWiki setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/postunpack.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/postunpack.sh deleted file mode 100755 index 890657ac2a4c..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/postunpack.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load DokuWiki environment -. /opt/bitnami/scripts/dokuwiki-env.sh - -# Load PHP environment for 'php_conf_set' (after 'dokuwiki-env.sh' so that MODULE is not set to a wrong value) -. /opt/bitnami/scripts/php-env.sh - -# Load libraries -. /opt/bitnami/scripts/libdokuwiki.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after DokuWiki environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure the DokuWiki base directory exists and has proper permissions -info "Configuring file permissions for DokuWiki" -ensure_user_exists "$WEB_SERVER_DAEMON_USER" --group "$WEB_SERVER_DAEMON_GROUP" -for dir in "$DOKUWIKI_BASE_DIR" "$DOKUWIKI_VOLUME_DIR" "${DOKUWIKI_BASE_DIR}/lib/images/smileys/local" "${DOKUWIKI_BASE_DIR}/uploads"; do - ensure_dir_exists "$dir" - # Use daemon:root ownership for compatibility when running as a non-root user - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" -done - -# Configure memory limit for PHP -info "Configuring default PHP options for DokuWiki" -php_conf_set memory_limit "$PHP_DEFAULT_MEMORY_LIMIT" - -# Enable default web server configuration for DokuWiki -info "Creating default web server configuration for DokuWiki" -web_server_validate -# shellcheck disable=SC2016 -ensure_web_server_app_configuration_exists "dokuwiki" --type php --apache-extra-directory-configuration ' -# Enable DokuWiki friendly URLs - Based on https://www.dokuwiki.org/rewrite -RewriteEngine on -RewriteRule ^_media/(.*) lib/exe/fetch.php?media=$1 [QSA,L] -RewriteRule ^_detail/(.*) lib/exe/detail.php?media=$1 [QSA,L] -RewriteRule ^_export/([^/]+)/(.*) doku.php?do=export_$1&id=$2 [QSA,L] -RewriteRule ^$ doku.php [L] -RewriteCond %{REQUEST_FILENAME} !-f -RewriteCond %{REQUEST_FILENAME} !-d -# Fix: DokuWiki rewrite rule affects Apache server-status page and makes it return a DokuWiki 404 page instead -RewriteCond %{REQUEST_URI} !^/server-status$ -RewriteRule (.*) doku.php?id=$1 [QSA,L] -RewriteRule ^index.php$ doku.php -' diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/setup.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/setup.sh deleted file mode 100755 index 86a6a77fa6cc..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/dokuwiki/setup.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load DokuWiki environment -. /opt/bitnami/scripts/dokuwiki-env.sh - -# Load libraries -. /opt/bitnami/scripts/libdokuwiki.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after DokuWiki environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure DokuWiki environment variables are valid -dokuwiki_validate - -# Update web server configuration with runtime environment (needs to happen before the initialization) -web_server_update_app_configuration "dokuwiki" - -# Ensure DokuWiki is initialized -dokuwiki_initialize diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libdokuwiki.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libdokuwiki.sh deleted file mode 100644 index db91ff9edf49..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libdokuwiki.sh +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami DokuWiki library - -# shellcheck disable=SC1091 -. /opt/bitnami/scripts/php-env.sh - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Validate settings in DOKUWIKI_* env vars -# Globals: -# DOKUWIKI_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -dokuwiki_validate() { - debug "Validating settings in DOKUWIKI_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Ensure DokuWiki is initialized -# Globals: -# DOKUWIKI_* -# Arguments: -# None -# Returns: -# None -######################### -dokuwiki_initialize() { - # Check if dokuwiki has already been initialized and persisted in a previous run - local -r app_name="dokuwiki" - if ! is_app_initialized "$app_name"; then - # Ensure the DokuWikiWiki base directory exists and has proper permissions - info "Configuring file permissions for DokuWiki" - ensure_dir_exists "$DOKUWIKI_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$DOKUWIKI_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - - if ! is_boolean_yes "${DOKUWIKI_SKIP_BOOTSTRAP:-}"; then - web_server_start - dokuwiki_pass_wizard - web_server_stop - dokuwiki_enable_friendly_urls - fi - - info "Persisting DokuWiki installation" - persist_app "$app_name" "$DOKUWIKI_DATA_TO_PERSIST" - else - info "Restoring persisted DokuWiki installation" - restore_persisted_app "$app_name" "$DOKUWIKI_DATA_TO_PERSIST" - fi - dokuwiki_configure_DOKU_INC - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Pass Dokiwiki wizzard -# Globals: -# DOKUWIKI_* -# Arguments: -# None -# Returns: -# None -######################### -dokuwiki_pass_wizard() { - local -r port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - local wizard_url curl_output - local -a curl_opts curl_data_opts - wizard_url="http://127.0.0.1:${port}/install.php" - curl_opts=("--location" "--silent") - curl_data_opts=( - "--data-urlencode" "l=en" - "--data-urlencode" "d[acl]=on" - "--data-urlencode" "d[policy]=0" - "--data-urlencode" "d[allowreg]=on" - "--data-urlencode" "d[license]=cc-by-sa" - "--data-urlencode" "d[pop]=on" - "--data-urlencode" "submit=" - "--data-urlencode" "d[title]=${DOKUWIKI_WIKI_NAME}" - "--data-urlencode" "d[superuser]=${DOKUWIKI_USERNAME}" - "--data-urlencode" "d[fullname]=${DOKUWIKI_FULL_NAME}" - "--data-urlencode" "d[email]=${DOKUWIKI_EMAIL}" - "--data-urlencode" "d[password]=${DOKUWIKI_PASSWORD}" - "--data-urlencode" "d[confirm]=${DOKUWIKI_PASSWORD}" - ) - curl_output="$(curl "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" 2>&1)" - if [[ "$curl_output" != *"The configuration was finished successfully."* ]]; then - error "An error occurred while installing DokuWiki" - return 1 - fi -} - -######################## -# Enable DokuWiki friendly URLs -# Globals: -# DOKUWIKI_* -# Arguments: -# None -# Returns: -# None -######################### -dokuwiki_enable_friendly_urls() { - # Based on: https://www.dokuwiki.org/rewrite - echo "\$conf['userewrite'] = 1; // URL rewriting is handled by the webserver" >>"${DOKUWIKI_BASE_DIR}/conf/local.php" -} - -######################## -# Configure DOKU_INC -# Globals: -# DOKUWIKI_* -# Arguments: -# None -# Returns: -# None -######################### -dokuwiki_configure_DOKU_INC() { - # Based on: https://github.com/bitnami/containers/pull/12535 - # Fix DOKU_INC, since we split application from state, DokuWiki's plugins and templates need to know where they live - info "Fix DOKU_INC variable" - auto_prepend_file="$DOKUWIKI_BASE_DIR/conf/auto_prepend.php" - printf '"$auto_prepend_file" - php_conf_set auto_prepend_file "$auto_prepend_file" -} diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" <> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/php.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/shell.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.sh b/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.sh deleted file mode 100755 index 3e8546cfafaf..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/dokuwiki/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/dokuwiki/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/dokuwiki" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/dokuwiki/.user_scripts_initialized" -fi diff --git a/bitnami/dokuwiki/20230404/debian-11/tags-info.yaml b/bitnami/dokuwiki/20230404/debian-11/tags-info.yaml deleted file mode 100644 index 38dc892e918d..000000000000 --- a/bitnami/dokuwiki/20230404/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "20230404" -- 20230404-debian-11 -- 20230404.1.0 -- latest diff --git a/bitnami/dotnet-sdk/6/debian-11/Dockerfile b/bitnami/dotnet-sdk/6/debian-11/Dockerfile deleted file mode 100644 index bf0592799975..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:26:11Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="6.0.419-debian-11-r9" \ - org.opencontainers.image.title="dotnet-sdk" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="6.0.419" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-sdk-6.0.419-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet-sdk/postunpack.sh -ENV APP_VERSION="6.0.419" \ - BITNAMI_APP_NAME="dotnet-sdk" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet-sdk/bin" \ - PATH="/opt/bitnami/dotnet-sdk/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet-sdk/6/debian-11/docker-compose.yml b/bitnami/dotnet-sdk/6/debian-11/docker-compose.yml deleted file mode 100644 index 34e87346f4c9..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet-sdk: - image: docker.io/bitnami/dotnet-sdk:6 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index bdbb2703bd03..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet-sdk": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "6.0.419-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh b/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh b/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh deleted file mode 100755 index 91dc11ec089e..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet-sdk/bin/dotnet diff --git a/bitnami/dotnet-sdk/6/debian-11/tags-info.yaml b/bitnami/dotnet-sdk/6/debian-11/tags-info.yaml deleted file mode 100644 index 56dbb9d82b5d..000000000000 --- a/bitnami/dotnet-sdk/6/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "6" -- 6-debian-11 -- 6.0.419 diff --git a/bitnami/dotnet-sdk/7/debian-11/Dockerfile b/bitnami/dotnet-sdk/7/debian-11/Dockerfile deleted file mode 100644 index b1704f436fbb..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:26:38Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.0.406-debian-11-r9" \ - org.opencontainers.image.title="dotnet-sdk" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.0.406" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-sdk-7.0.406-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet-sdk/postunpack.sh -ENV APP_VERSION="7.0.406" \ - BITNAMI_APP_NAME="dotnet-sdk" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet-sdk/bin" \ - PATH="/opt/bitnami/dotnet-sdk/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet-sdk/7/debian-11/docker-compose.yml b/bitnami/dotnet-sdk/7/debian-11/docker-compose.yml deleted file mode 100644 index 8e52db815b8e..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet-sdk: - image: docker.io/bitnami/dotnet-sdk:7 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 9c7b1e370321..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet-sdk": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.0.406-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh b/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh b/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh deleted file mode 100755 index 91dc11ec089e..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet-sdk/bin/dotnet diff --git a/bitnami/dotnet-sdk/7/debian-11/tags-info.yaml b/bitnami/dotnet-sdk/7/debian-11/tags-info.yaml deleted file mode 100644 index 871331706625..000000000000 --- a/bitnami/dotnet-sdk/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.0.406 diff --git a/bitnami/dotnet-sdk/8/debian-11/Dockerfile b/bitnami/dotnet-sdk/8/debian-11/Dockerfile deleted file mode 100644 index 49db0be31d2f..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:27:02Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.0.200-debian-11-r10" \ - org.opencontainers.image.title="dotnet-sdk" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.0.200" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-sdk-8.0.200-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet-sdk/postunpack.sh -ENV APP_VERSION="8.0.200" \ - BITNAMI_APP_NAME="dotnet-sdk" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet-sdk/bin" \ - PATH="/opt/bitnami/dotnet-sdk/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet-sdk/8/debian-11/docker-compose.yml b/bitnami/dotnet-sdk/8/debian-11/docker-compose.yml deleted file mode 100644 index f7a2bb405eda..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet-sdk: - image: docker.io/bitnami/dotnet-sdk:8 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 93d890e7b6ad..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet-sdk": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.0.200-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh b/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh b/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh deleted file mode 100755 index 91dc11ec089e..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/rootfs/opt/bitnami/scripts/dotnet-sdk/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet-sdk/bin/dotnet diff --git a/bitnami/dotnet-sdk/8/debian-11/tags-info.yaml b/bitnami/dotnet-sdk/8/debian-11/tags-info.yaml deleted file mode 100644 index 11e188bae413..000000000000 --- a/bitnami/dotnet-sdk/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.0.200 -- latest diff --git a/bitnami/dotnet/6/debian-11/Dockerfile b/bitnami/dotnet/6/debian-11/Dockerfile deleted file mode 100644 index 317be48ae9cc..000000000000 --- a/bitnami/dotnet/6/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:27:40Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="6.0.27-debian-11-r9" \ - org.opencontainers.image.title="dotnet" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="6.0.27" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-6.0.27-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet/postunpack.sh -ENV APP_VERSION="6.0.27" \ - BITNAMI_APP_NAME="dotnet" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet/bin" \ - PATH="/opt/bitnami/dotnet/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet/6/debian-11/docker-compose.yml b/bitnami/dotnet/6/debian-11/docker-compose.yml deleted file mode 100644 index a913fda5fc73..000000000000 --- a/bitnami/dotnet/6/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet: - image: docker.io/bitnami/dotnet:6 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ca2947fedda9..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "6.0.27-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet/6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh b/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh b/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh deleted file mode 100755 index 24cac1c50af7..000000000000 --- a/bitnami/dotnet/6/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet/bin/dotnet diff --git a/bitnami/dotnet/6/debian-11/tags-info.yaml b/bitnami/dotnet/6/debian-11/tags-info.yaml deleted file mode 100644 index 64054a812ce0..000000000000 --- a/bitnami/dotnet/6/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "6" -- 6-debian-11 -- 6.0.27 diff --git a/bitnami/dotnet/7/debian-11/Dockerfile b/bitnami/dotnet/7/debian-11/Dockerfile deleted file mode 100644 index 46af3425e1ab..000000000000 --- a/bitnami/dotnet/7/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:29:18Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.0.16-debian-11-r10" \ - org.opencontainers.image.title="dotnet" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.0.16" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-7.0.16-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet/postunpack.sh -ENV APP_VERSION="7.0.16" \ - BITNAMI_APP_NAME="dotnet" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet/bin" \ - PATH="/opt/bitnami/dotnet/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet/7/debian-11/docker-compose.yml b/bitnami/dotnet/7/debian-11/docker-compose.yml deleted file mode 100644 index 79cccee478c2..000000000000 --- a/bitnami/dotnet/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet: - image: docker.io/bitnami/dotnet:7 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 11936ee362ab..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.0.16-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh b/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh b/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh deleted file mode 100755 index 24cac1c50af7..000000000000 --- a/bitnami/dotnet/7/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet/bin/dotnet diff --git a/bitnami/dotnet/7/debian-11/tags-info.yaml b/bitnami/dotnet/7/debian-11/tags-info.yaml deleted file mode 100644 index 141bd8bf93b8..000000000000 --- a/bitnami/dotnet/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.0.16 diff --git a/bitnami/dotnet/8/debian-11/Dockerfile b/bitnami/dotnet/8/debian-11/Dockerfile deleted file mode 100644 index c7dd66d4b375..000000000000 --- a/bitnami/dotnet/8/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:31:14Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.0.2-debian-11-r9" \ - org.opencontainers.image.title="dotnet" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.0.2" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libcap2-bin libgcc-s1 libicu-dev liblttng-ust-dev libsqlite3-dev libssl-dev libstdc++6 pkg-config procps unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "dotnet-8.0.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/dotnet/postunpack.sh -ENV APP_VERSION="8.0.2" \ - BITNAMI_APP_NAME="dotnet" \ - DOTNET_CLI_HOME="/app" \ - DOTNET_ROOT="/opt/bitnami/dotnet/bin" \ - PATH="/opt/bitnami/dotnet/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/dotnet/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/dotnet/8/debian-11/docker-compose.yml b/bitnami/dotnet/8/debian-11/docker-compose.yml deleted file mode 100644 index 2b622cb7be16..000000000000 --- a/bitnami/dotnet/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - dotnet: - image: docker.io/bitnami/dotnet:8 - command: ["tail", "-f", "/dev/null"] # To keep the container running - volumes: - - dotnet_data:/app -volumes: - dotnet_data: - driver: local diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 66027a54592a..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "dotnet": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.0.2-1" - } -} \ No newline at end of file diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/functions b/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/functions deleted file mode 100644 index 76899b6c85ae..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/functions +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -[[ ${BASH_DEBUG:-false} = true ]] && set -x - -# Constants -MODULE="$(basename "$0")" -BITNAMI_PREFIX=/opt/bitnami - -# Color Palette -RESET='\033[0m' -BOLD='\033[1m' - -## Foreground -BLACK='\033[38;5;0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -BLUE='\033[38;5;4m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' -WHITE='\033[38;5;7m' - -## Background -ON_BLACK='\033[48;5;0m' -ON_RED='\033[48;5;1m' -ON_GREEN='\033[48;5;2m' -ON_YELLOW='\033[48;5;3m' -ON_BLUE='\033[48;5;4m' -ON_MAGENTA='\033[48;5;5m' -ON_CYAN='\033[48;5;6m' -ON_WHITE='\033[48;5;7m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - printf "%b\\n" "${*}" >&2 -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${NAMI_DEBUG:+${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")}${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - log "" - log "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - log "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - log "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - log "" -} diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/helpers b/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/helpers deleted file mode 100644 index 387769aabbf3..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/base/helpers +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -. /opt/bitnami/base/functions - -######################## -# Helper function to initialize a single nami module -# Arguments: -# Module to initialize -# Returns: -# None -# Description: -# Initialize an unpacked nami module with the `nami initialize` command. -# Command arguments can be specified as function argumnts after the module name. -# `--log-level trace` flag is added to the command if `NAMI_DEBUG` env variable exists. -# The log level can be overridden using the `NAMI_LOG_LEVEL` env variable. -######################### -nami_initialize_one() { - local module="${1:?module not specified}" - if nami inspect $module | grep -q '"lifecycle": "unpacked"'; then - local inputs= - if [[ -f "/${module}-inputs.json" ]]; then - inputs="--inputs-file=/${module}-inputs.json" - fi - nami ${NAMI_DEBUG:+--log-level ${NAMI_LOG_LEVEL:-trace}} initialize $module $inputs "${@:2}" - fi -} - -######################## -# Helper function to initialize one or more nami modules -# Arguments: -# Module to initialize -# Returns: -# None -######################### -nami_initialize() { - local module="${1:?module not specified}" - for module in "${@}"; do - nami_initialize_one $module - done -} diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/dotnet/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh b/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh deleted file mode 100755 index eef346858223..000000000000 --- a/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/entrypoint.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -. /opt/bitnami/base/functions -. /opt/bitnami/base/helpers - -print_welcome_page - -exec "$@" diff --git a/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh b/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh deleted file mode 100755 index 24cac1c50af7..000000000000 --- a/bitnami/dotnet/8/debian-11/rootfs/opt/bitnami/scripts/dotnet/postunpack.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose -mkdir /app -chmod g+rwx /app -setcap CAP_NET_BIND_SERVICE=+eip /opt/bitnami/dotnet/bin/dotnet diff --git a/bitnami/dotnet/8/debian-11/tags-info.yaml b/bitnami/dotnet/8/debian-11/tags-info.yaml deleted file mode 100644 index f27c6c60800d..000000000000 --- a/bitnami/dotnet/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.0.2 -- latest diff --git a/bitnami/drupal/10/debian-11/Dockerfile b/bitnami/drupal/10/debian-11/Dockerfile deleted file mode 100644 index 1013ba2404fb..000000000000 --- a/bitnami/drupal/10/debian-11/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:34:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.2.3-debian-11-r19" \ - org.opencontainers.image.title="drupal" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.2.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl gnupg libaudit1 libbrotli1 libbsd0 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre2-8-0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 openssl procps unzip zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "php-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-7-linux-${OS_ARCH}-debian-11" \ - "mysql-client-11.2.3-0-linux-${OS_ARCH}-debian-11" \ - "libphp-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "drupal-10.2.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -RUN /opt/bitnami/scripts/apache-modphp/postunpack.sh -RUN /opt/bitnami/scripts/drupal/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="10.2.3" \ - BITNAMI_APP_NAME="drupal" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:/opt/bitnami/drupal/vendor/bin:$PATH" - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/drupal/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/apache/run.sh" ] diff --git a/bitnami/drupal/10/debian-11/docker-compose.yml b/bitnami/drupal/10/debian-11/docker-compose.yml deleted file mode 100644 index ed655c72e4c1..000000000000 --- a/bitnami/drupal/10/debian-11/docker-compose.yml +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mariadb: - image: docker.io/bitnami/mariadb:11.2 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_drupal - - MARIADB_DATABASE=bitnami_drupal - volumes: - - 'mariadb_data:/bitnami/mariadb' - drupal: - image: docker.io/bitnami/drupal:10 - ports: - - '80:8080' - - '443:8443' - environment: - - DRUPAL_DATABASE_HOST=mariadb - - DRUPAL_DATABASE_PORT_NUMBER=3306 - - DRUPAL_DATABASE_USER=bn_drupal - - DRUPAL_DATABASE_NAME=bitnami_drupal - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'drupal_data:/bitnami/drupal' - depends_on: - - mariadb -volumes: - mariadb_data: - driver: local - drupal_data: - driver: local diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 962f1cbe8692..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-7" - }, - "drupal": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.2.3-1" - }, - "libphp": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.2.3-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - } -} \ No newline at end of file diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/drupal/10/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal-env.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal-env.sh deleted file mode 100644 index d5ba3ac86026..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal-env.sh +++ /dev/null @@ -1,120 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for drupal - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-drupal}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -drupal_env_vars=( - DRUPAL_DATA_TO_PERSIST - DRUPAL_PROFILE - DRUPAL_SITE_NAME - DRUPAL_SKIP_BOOTSTRAP - DRUPAL_ENABLE_MODULES - DRUPAL_CONFIG_SYNC_DIR - DRUPAL_HASH_SALT - DRUPAL_USERNAME - DRUPAL_PASSWORD - DRUPAL_EMAIL - DRUPAL_SMTP_HOST - DRUPAL_SMTP_PORT_NUMBER - DRUPAL_SMTP_USER - DRUPAL_SMTP_PASSWORD - DRUPAL_SMTP_PROTOCOL - DRUPAL_DATABASE_HOST - DRUPAL_DATABASE_PORT_NUMBER - DRUPAL_DATABASE_NAME - DRUPAL_DATABASE_USER - DRUPAL_DATABASE_PASSWORD - DRUPAL_DATABASE_TLS_CA_FILE - SMTP_HOST - SMTP_PORT - DRUPAL_SMTP_PORT - SMTP_USER - SMTP_PASSWORD - SMTP_PROTOCOL - MARIADB_HOST - MARIADB_PORT_NUMBER -) -for env_var in "${drupal_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset drupal_env_vars - -# Paths -export DRUPAL_BASE_DIR="${BITNAMI_ROOT_DIR}/drupal" -export DRUPAL_CONF_FILE="${DRUPAL_BASE_DIR}/sites/default/settings.php" -export DRUPAL_MODULES_DIR="${DRUPAL_BASE_DIR}/modules" - -# Drupal persistence configuration -export DRUPAL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/drupal" -export DRUPAL_MOUNTED_CONF_FILE="${DRUPAL_VOLUME_DIR}/settings.php" -export DRUPAL_DATA_TO_PERSIST="${DRUPAL_DATA_TO_PERSIST:-sites/ themes/ modules/ profiles/}" - -# Drupal configuration -export DRUPAL_PROFILE="${DRUPAL_PROFILE:-standard}" # only used during the first initialization -export DRUPAL_SITE_NAME="${DRUPAL_SITE_NAME:-My blog}" # only used during the first initialization -export DRUPAL_SKIP_BOOTSTRAP="${DRUPAL_SKIP_BOOTSTRAP:-}" # only used during the first initialization -export DRUPAL_ENABLE_MODULES="${DRUPAL_ENABLE_MODULES:-}" # only used during the first initialization -export DRUPAL_CONFIG_SYNC_DIR="${DRUPAL_CONFIG_SYNC_DIR:-}" # only used during the first initialization -export DRUPAL_HASH_SALT="${DRUPAL_HASH_SALT:-}" # only used during the first initialization - -# Drupal credentials -export DRUPAL_USERNAME="${DRUPAL_USERNAME:-user}" # only used during the first initialization -export DRUPAL_PASSWORD="${DRUPAL_PASSWORD:-bitnami}" # only used during the first initialization -export DRUPAL_EMAIL="${DRUPAL_EMAIL:-user@example.com}" # only used during the first initialization - -# Drupal SMTP credentials -DRUPAL_SMTP_HOST="${DRUPAL_SMTP_HOST:-"${SMTP_HOST:-}"}" -export DRUPAL_SMTP_HOST="${DRUPAL_SMTP_HOST:-}" # only used during the first initialization -DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}" -DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-"${DRUPAL_SMTP_PORT:-}"}" -export DRUPAL_SMTP_PORT_NUMBER="${DRUPAL_SMTP_PORT_NUMBER:-25}" # only used during the first initialization -DRUPAL_SMTP_USER="${DRUPAL_SMTP_USER:-"${SMTP_USER:-}"}" -export DRUPAL_SMTP_USER="${DRUPAL_SMTP_USER:-}" # only used during the first initialization -DRUPAL_SMTP_PASSWORD="${DRUPAL_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}" -export DRUPAL_SMTP_PASSWORD="${DRUPAL_SMTP_PASSWORD:-}" # only used during the first initialization -DRUPAL_SMTP_PROTOCOL="${DRUPAL_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}" -export DRUPAL_SMTP_PROTOCOL="${DRUPAL_SMTP_PROTOCOL:-standard}" # only used during the first initialization - -# Database configuration -export DRUPAL_DEFAULT_DATABASE_HOST="mariadb" # only used at build time -DRUPAL_DATABASE_HOST="${DRUPAL_DATABASE_HOST:-"${MARIADB_HOST:-}"}" -export DRUPAL_DATABASE_HOST="${DRUPAL_DATABASE_HOST:-$DRUPAL_DEFAULT_DATABASE_HOST}" # only used during the first initialization -DRUPAL_DATABASE_PORT_NUMBER="${DRUPAL_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}" -export DRUPAL_DATABASE_PORT_NUMBER="${DRUPAL_DATABASE_PORT_NUMBER:-3306}" # only used during the first initialization -export DRUPAL_DATABASE_NAME="${DRUPAL_DATABASE_NAME:-bitnami_drupal}" # only used during the first initialization -export DRUPAL_DATABASE_USER="${DRUPAL_DATABASE_USER:-bn_drupal}" # only used during the first initialization -export DRUPAL_DATABASE_PASSWORD="${DRUPAL_DATABASE_PASSWORD:-}" # only used during the first initialization -export DRUPAL_DATABASE_TLS_CA_FILE="${DRUPAL_DATABASE_TLS_CA_FILE:-}" # only used during the first initialization - -# PHP configuration -export PHP_DEFAULT_MEMORY_LIMIT="256M" # only used at build time - -# Custom environment variables may be defined below diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/entrypoint.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/entrypoint.sh deleted file mode 100755 index 80eacb9f40d4..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Drupal environment -. /opt/bitnami/scripts/drupal-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libwebserver.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/$(web_server_type)/run.sh" ]]; then - info "** Starting Drupal setup **" - /opt/bitnami/scripts/"$(web_server_type)"/setup.sh - /opt/bitnami/scripts/php/setup.sh - /opt/bitnami/scripts/mysql-client/setup.sh - /opt/bitnami/scripts/drupal/setup.sh - /post-init.sh - info "** Drupal setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/postunpack.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/postunpack.sh deleted file mode 100755 index d27387a63c26..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/postunpack.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Drupal environment -. /opt/bitnami/scripts/drupal-env.sh - -# Load PHP environment for 'php_conf_set' (after 'drupal-env.sh' so that MODULE is not set to a wrong value) -. /opt/bitnami/scripts/php-env.sh - -# Load libraries -. /opt/bitnami/scripts/libdrupal.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Drupal environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Enable Drupal configuration file -[[ ! -f "$DRUPAL_CONF_FILE" ]] && cp "${DRUPAL_BASE_DIR}/sites/default/default.settings.php" "$DRUPAL_CONF_FILE" - -# Create .htaccess file to avoid warning in Drupal administration panel -drupal_fix_htaccess_warning_protection - -# Ensure the Drupal base directory exists and has proper permissions -info "Configuring file permissions for Drupal" -for dir in "$DRUPAL_BASE_DIR" "${DRUPAL_BASE_DIR}/sites/default/files" "$DRUPAL_VOLUME_DIR" "${HOME}/.drush"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -done -for dir in "${DRUPAL_BASE_DIR}/themes" "${DRUPAL_BASE_DIR}/modules" "${DRUPAL_BASE_DIR}/sites/default/files"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -u "$WEB_SERVER_DAEMON_USER" -g "root" -done -chown "$WEB_SERVER_DAEMON_USER" "${DRUPAL_BASE_DIR}/sites/default" -chown "$WEB_SERVER_DAEMON_USER" "$DRUPAL_CONF_FILE" -for script in "${DRUPAL_BASE_DIR}/vendor/bin/drush" "${DRUPAL_BASE_DIR}/vendor/drush/drush/drush" "${DRUPAL_BASE_DIR}/vendor/drush/drush/drush.launcher" "${DRUPAL_BASE_DIR}/vendor/bin/drush.launcher"; do - [[ -f "$script" ]] && chmod +x "$script" -done - -# Configure Drupal based on build-time defaults -drupal_conf_set "\$settings['trusted_host_patterns']" "array('^.*$')" yes - -# Configure required PHP options for application to work properly, based on build-time defaults -info "Configuring default PHP options for Drupal" -php_conf_set memory_limit "$PHP_DEFAULT_MEMORY_LIMIT" - -# Enable default web server configuration for Drupal -info "Creating default web server configuration for Drupal" -web_server_validate -ensure_web_server_app_configuration_exists "drupal" --type php - -# Re-create .htaccess file after being moved into 'apache/conf/vhosts/htaccess' directory, to avoid Drupal warning -drupal_fix_htaccess_warning_protection diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/setup.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/setup.sh deleted file mode 100755 index 270c64aaafc8..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/drupal/setup.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Drupal environment -. /opt/bitnami/scripts/drupal-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute' (after 'drupal-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libdrupal.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Drupal environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure Drupal environment variables are valid -drupal_validate - -# Update web server configuration with runtime environment (needs to happen before the initialization) -web_server_update_app_configuration "drupal" - -# Ensure Drupal is initialized -drupal_initialize diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libdrupal.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libdrupal.sh deleted file mode 100644 index 2ee0d89de4ed..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libdrupal.sh +++ /dev/null @@ -1,543 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Drupal library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Validate settings in DRUPAL_* env vars -# Globals: -# DRUPAL_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -drupal_validate() { - debug "Validating settings in DRUPAL_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname $1 could not be resolved. This could lead to connection issues" - fi - } - - check_mounted_file() { - if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then - print_validation_error "The variable ${1} is defined but the file ${!1} is not accessible or does not exist" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Warn users in case the configuration file is not writable - is_file_writable "$DRUPAL_CONF_FILE" || warn "The Drupal configuration file '${DRUPAL_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file." - - # Validate user inputs - ! is_empty_value "$DRUPAL_SKIP_BOOTSTRAP" && check_yes_no_value "DRUPAL_SKIP_BOOTSTRAP" - ! is_empty_value "$DRUPAL_DATABASE_PORT_NUMBER" && check_valid_port "DRUPAL_DATABASE_PORT_NUMBER" - ! is_empty_value "$DRUPAL_DATABASE_HOST" && check_resolved_hostname "$DRUPAL_DATABASE_HOST" - check_mounted_file "DRUPAL_DATABASE_TLS_CA_FILE" - - # Validate database credentials - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - else - for empty_env_var in "DRUPAL_DATABASE_PASSWORD" "DRUPAL_PASSWORD"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Validate SMTP credentials - if ! is_empty_value "$DRUPAL_SMTP_HOST"; then - for empty_env_var in "DRUPAL_SMTP_USER" "DRUPAL_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - is_empty_value "$DRUPAL_SMTP_PORT_NUMBER" && print_validation_error "The DRUPAL_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$DRUPAL_SMTP_PORT_NUMBER" && check_valid_port "DRUPAL_SMTP_PORT_NUMBER" - ! is_empty_value "$DRUPAL_SMTP_PROTOCOL" && check_multi_value "DRUPAL_SMTP_PROTOCOL" "standard tls ssl" - fi - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Ensure Drupal is initialized -# Globals: -# DRUPAL_* -# Arguments: -# None -# Returns: -# None -######################### -drupal_initialize() { - # Update Drupal configuration via mounted configuration files and environment variables - if is_file_writable "$DRUPAL_CONF_FILE"; then - # Enable mounted configuration files - if [[ -f "$DRUPAL_MOUNTED_CONF_FILE" ]]; then - info "Found mounted Drupal configuration file '${DRUPAL_MOUNTED_CONF_FILE}', copying to '${DRUPAL_CONF_FILE}'" - cp "$DRUPAL_MOUNTED_CONF_FILE" "$DRUPAL_CONF_FILE" - return - fi - fi - - # Check if Drupal has already been initialized and persisted in a previous run - local -r app_name="drupal" - if ! is_app_initialized "$app_name"; then - info "Trying to connect to the database server" - drupal_wait_for_db_connection "$DRUPAL_DATABASE_HOST" "$DRUPAL_DATABASE_PORT_NUMBER" "$DRUPAL_DATABASE_NAME" "$DRUPAL_DATABASE_USER" "$DRUPAL_DATABASE_PASSWORD" - - # Ensure the Drupal base directory exists and has proper permissions - info "Configuring file permissions for Drupal" - ensure_dir_exists "$DRUPAL_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$DRUPAL_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - - if ! is_boolean_yes "$DRUPAL_SKIP_BOOTSTRAP"; then - # Perform initial bootstrapping for Drupal - info "Installing Drupal site" - drupal_site_install - if ! is_empty_value "$DRUPAL_ENABLE_MODULES"; then - info "Enabling Drupal modules" - drupal_enable_modules - fi - if ! is_empty_value "$DRUPAL_SMTP_HOST"; then - info "Configuring SMTP" - drupal_configure_smtp - fi - info "Flushing Drupal cache" - drupal_flush_cache - else - info "An already initialized Drupal database was provided, configuration will be skipped" - if is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE"; then - drupal_set_database_settings - else - drupal_set_database_ssl_settings - fi - - # Drupal expects a directory for storing site configuration - # For more info see https://www.drupal.org/docs/configuration-management - drupal_create_config_directory - - # Drupal needs a hash value to build one-time login links, cancel links, form tokens, etc. - drupal_set_hash_salt - drupal_update_database - fi - - info "Persisting Drupal installation" - persist_app "$app_name" "$DRUPAL_DATA_TO_PERSIST" - else - info "Restoring persisted Drupal installation" - restore_persisted_app "$app_name" "$DRUPAL_DATA_TO_PERSIST" - info "Trying to connect to the database server" - db_host="$(drupal_database_conf_get 'host')" - db_port="$(drupal_database_conf_get 'port')" - db_name="$(drupal_database_conf_get 'database')" - db_user="$(drupal_database_conf_get 'username')" - db_pass="$(drupal_database_conf_get 'password')" - drupal_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - drupal_update_database - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Get a database entry from the Drupal configuration file (settings.php) -# Globals: -# DRUPAL_* -# Arguments: -# $1 - Key -# Returns: -# None -######################### -drupal_database_conf_get() { - local -r key="${1:?key missing}" - debug "Getting ${key} from Drupal database configuration" - grep -E "^\s*'${key}' =>" "$DRUPAL_CONF_FILE" | grep -E -o "=> '.*'" | cut -f2 -d\' -} - -######################## -# Add or modify an entry in the Drupal configuration file (settings.php) -# Globals: -# DRUPAL_* -# Arguments: -# $1 - PHP variable name -# $2 - Value to assign to the PHP variable -# $3 - Whether the value is a literal, or if instead it should be quoted (default: no) -# Returns: -# None -######################### -drupal_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r is_literal="${3:-no}" - debug "Setting ${key} to '${value}' in Drupal configuration (literal: ${is_literal})" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=.*" - local entry - is_boolean_yes "$is_literal" && entry="${key} = $value;" || entry="${key} = '$value';" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$DRUPAL_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$DRUPAL_CONF_FILE" "$sanitized_pattern" "$entry" - else - echo "$entry" >> "$DRUPAL_CONF_FILE" - fi -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -drupal_wait_for_db_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Drupal Site Install -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_site_install() { - is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE" || drupal_set_database_ssl_settings - - ( - # Unfortunately there is no way to disable mail sending via sendmail when installing Drupal - # The "hack" consists of overriding the sendmail path to an executable that does nothing (i.e. "/bin/true") - # This is also what Drush is doing in their CI - PHP_OPTIONS="-d sendmail_path=$(which true)" - export PHP_OPTIONS - - drush_execute "site:install" \ - "--db-url=mysql://${DRUPAL_DATABASE_USER}:${DRUPAL_DATABASE_PASSWORD}@${DRUPAL_DATABASE_HOST}:${DRUPAL_DATABASE_PORT_NUMBER}/${DRUPAL_DATABASE_NAME}" \ - "--account-name=${DRUPAL_USERNAME}" \ - "--account-mail=${DRUPAL_EMAIL}" \ - "--account-pass=${DRUPAL_PASSWORD}" \ - "--site-name=${DRUPAL_SITE_NAME}" \ - "--site-mail=${DRUPAL_EMAIL}" \ - "-y" "$DRUPAL_PROFILE" - ) - - # When Drupal settings are patched to allow SSL database connections, the database settings block is duplicated - # after the installation with Drush - is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE" || drupal_remove_duplicated_database_settings - # Restrict permissions of the configuration file to keep the site secure - if am_i_root; then - configure_permissions_ownership "$DRUPAL_CONF_FILE" -u "root" -g "$WEB_SERVER_DAEMON_USER" -f "644" - fi -} - -######################## -# Create Drupal sync configuration directory (DRUPAL_SKIP_BOOTSTRAP only) -# Globals: -# DRUPAL_BASE_DIR -# Arguments: -# None -# Returns: -# None -######################### -drupal_create_config_directory() { - local config_sync_dir="${DRUPAL_CONFIG_SYNC_DIR:-}" - if is_empty_value "$config_sync_dir"; then - config_sync_dir="${DRUPAL_BASE_DIR}/sites/default/files/config_$(generate_random_string -t alphanumeric -c 16)" - fi - ensure_dir_exists "$config_sync_dir" - drupal_conf_set "\$settings['config_sync_directory']" "$config_sync_dir" -} - -######################## -# Create Drupal hash salt value (DRUPAL_SKIP_BOOTSTRAP only) -# Globals: -# DRUPAL_HASH_SALT -# Arguments: -# None -# Returns: -# None -######################### -drupal_set_hash_salt() { - local hash_salt="${DRUPAL_HASH_SALT:-}" - if is_empty_value "$hash_salt"; then - hash_salt="$(generate_random_string -t alphanumeric -c 32)" - fi - drupal_conf_set "\$settings['hash_salt']" "$hash_salt" -} - -######################## -# Execute Drush Tool -# Globals: -# * -# Arguments: -# $@ - Arguments to pass to the Drush tool -# Returns: -# None -######################### -drush_execute() { - if am_i_root; then - debug_execute run_as_user "$WEB_SERVER_DAEMON_USER" drush "--root=${DRUPAL_BASE_DIR}" "$@" - else - debug_execute drush "--root=${DRUPAL_BASE_DIR}" "$@" - fi -} - -######################## -# Execute Drush Tool to set a config option -# Globals: -# * -# Arguments: -# $1 - config group -# $2 - config key -# $3 - config value -# Returns: -# None -######################### -drush_config_set() { - local -r group="${1:?missing config group}" - local -r key="${2:?missing config key}" - local -r value="${3:-}" - - drush_execute "config-set" "--yes" "$group" "$key" "$value" -} - -######################## -# Drupal enable modules -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_enable_modules() { - local -a modules - read -r -a modules <<< "${DRUPAL_ENABLE_MODULES/,/ }" - [[ "${#modules[@]}" -gt 0 ]] || return 0 - drush_execute "pm:enable" "--yes" "${modules[@]}" -} - -######################## -# Drupal configure SMTP -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_configure_smtp() { - drush_execute "pm:enable" "--yes" "smtp" - - drush_config_set "system.mail" "interface.default" "SMTPMailSystem" - drush_config_set "smtp.settings" "smtp_on" "1" - drush_config_set "smtp.settings" "smtp_host" "$DRUPAL_SMTP_HOST" - drush_config_set "smtp.settings" "smtp_port" "$DRUPAL_SMTP_PORT_NUMBER" - drush_config_set "smtp.settings" "smtp_protocol" "$DRUPAL_SMTP_PROTOCOL" - drush_config_set "smtp.settings" "smtp_username" "$DRUPAL_SMTP_USER" - drush_config_set "smtp.settings" "smtp_password" "$DRUPAL_SMTP_PASSWORD" - drush_config_set "smtp.settings" "smtp_from" "$DRUPAL_EMAIL" - drush_config_set "smtp.settings" "smtp_fromname" "$DRUPAL_SITE_NAME" -} - -######################## -# Drupal flush cache -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_flush_cache() { - drush_execute "cache:rebuild" -} - -######################## -# Drupal update database -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_update_database() { - debug 'Upgrading Drupal database with drush...' - drush_execute "updatedb" -} - -######################## -# Drupal set database SSL settings -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_set_database_ssl_settings() { - cat >>"$DRUPAL_CONF_FILE" < '${DRUPAL_DATABASE_NAME}', - 'username' => '${DRUPAL_DATABASE_USER}', - 'password' => '${DRUPAL_DATABASE_PASSWORD}', - 'prefix' => '', - 'host' => '${DRUPAL_DATABASE_HOST}', - 'port' => '${DRUPAL_DATABASE_PORT_NUMBER}', - 'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql', - 'driver' => 'mysql', - 'pdo' => array ( - PDO::MYSQL_ATTR_SSL_CA => '${DRUPAL_DATABASE_TLS_CA_FILE}', - PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => 0 - ) -); -EOF -} - -######################## -# Drupal set database non-SSL settings (DRUPAL_SKIP_BOOTSTRAP only) -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_set_database_settings() { - cat >>"$DRUPAL_CONF_FILE" < '${DRUPAL_DATABASE_NAME}', - 'username' => '${DRUPAL_DATABASE_USER}', - 'password' => '${DRUPAL_DATABASE_PASSWORD}', - 'prefix' => '', - 'host' => '${DRUPAL_DATABASE_HOST}', - 'port' => '${DRUPAL_DATABASE_PORT_NUMBER}', - 'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql', - 'driver' => 'mysql', -); -EOF -} - -######################## -# Drupal remove duplicated database block from settings file -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_remove_duplicated_database_settings() { - local -r first_line_block=$'\$databases\[\'default\'\]\[\'default\'\] = array \($' - local -r last_line_block='\);' - - remove_in_file "$DRUPAL_CONF_FILE" "${first_line_block}/,/${last_line_block}" -} - -######################## -# Drupal fix htaccess warning protection. -# Drupal checks for the htaccess file to prevent malicious attacks -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -drupal_fix_htaccess_warning_protection() { - local -r files_dir="${DRUPAL_BASE_DIR}/sites/default/files/" - local -r htaccess_file="${files_dir}/.htaccess" - - ensure_dir_exists "$files_dir" - cat <"$htaccess_file" -# Recommended protections: https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2013-11-20/sa-core-2013-003-drupal-core - -# Turn off all options we don\'t need. -Options -Indexes -ExecCGI -Includes -MultiViews - -# Set the catch-all handler to prevent scripts from being executed. -SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 - - # Override the handler again if we\'re run later in the evaluation list. - SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003 - - -# If we know how to do it safely, disable the PHP engine entirely. - - php_flag engine off - -EOF -} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh deleted file mode 100644 index fc8e6ee12d28..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ /dev/null @@ -1,1094 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in MYSQL_CLIENT_* environment variables -# Globals: -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_validate() { - info "Validating settings in MYSQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Only validate environment variables if any action needs to be performed - check_yes_no_value "MYSQL_CLIENT_ENABLE_SSL_WRAPPER" - check_multi_value "MYSQL_CLIENT_FLAVOR" "mariadb mysql" - - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && [[ -z "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - if [[ "${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ "${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_initialize() { - # Wrap binary to force the usage of SSL - if is_boolean_yes "$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"; then - mysql_client_wrap_binary_for_ssl - fi - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Trying to connect to the database server" - check_mysql_connection() { - echo "SELECT 1" | mysql_execute "mysql" "$MYSQL_CLIENT_DATABASE_ROOT_USER" "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" "-h" "$MYSQL_CLIENT_DATABASE_HOST" "-P" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]]; then - info "Creating database user ${MYSQL_CLIENT_CREATE_DATABASE_USER}" - local -a args=("$MYSQL_CLIENT_CREATE_DATABASE_USER" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD") - [[ -n "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" ]] && args+=("--auth-plugin" "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN") - mysql_ensure_optional_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Creating database ${MYSQL_CLIENT_CREATE_DATABASE_NAME}" - local -a createdb_args=("$MYSQL_CLIENT_CREATE_DATABASE_NAME" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && createdb_args+=("-u" "$MYSQL_CLIENT_CREATE_DATABASE_USER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" ]] && createdb_args+=("--character-set" "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" ]] && createdb_args+=("--collate" "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" ]] && createdb_args+=("--privileges" "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES") - mysql_ensure_optional_database_exists "${createdb_args[@]}" - fi -} - -######################## -# Wrap binary to force the usage of SSL -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_wrap_binary_for_ssl() { - local wrapper_file="${DB_BIN_DIR}/mysql" - # In MySQL Client 10.6, mysql is a link to the mariadb binary - if [[ -f "${DB_BIN_DIR}/mariadb" ]]; then - wrapper_file="${DB_BIN_DIR}/mariadb" - fi - local -r wrapped_binary_file="${DB_BASE_DIR}/.bin/mysql" - local -a ssl_opts=() - read -r -a ssl_opts <<<"$(mysql_client_extra_opts)" - - mv "$wrapper_file" "$wrapped_binary_file" - cat >"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/drupal/10/debian-11/rootfs/post-init.d/php.sh b/bitnami/drupal/10/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/drupal/10/debian-11/rootfs/post-init.d/shell.sh b/bitnami/drupal/10/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/drupal/10/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/drupal/10/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/drupal/10/debian-11/rootfs/post-init.sh b/bitnami/drupal/10/debian-11/rootfs/post-init.sh deleted file mode 100755 index 797987212cc5..000000000000 --- a/bitnami/drupal/10/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/drupal/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/drupal/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/drupal" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/drupal/.user_scripts_initialized" -fi diff --git a/bitnami/drupal/10/debian-11/tags-info.yaml b/bitnami/drupal/10/debian-11/tags-info.yaml deleted file mode 100644 index ec6e6154f4bb..000000000000 --- a/bitnami/drupal/10/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "10" -- 10-debian-11 -- 10.2.3 -- latest diff --git a/bitnami/ejbca/8/debian-11/Dockerfile b/bitnami/ejbca/8/debian-11/Dockerfile deleted file mode 100644 index 7108cf6579bd..000000000000 --- a/bitnami/ejbca/8/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:44:31Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.2.0-1-debian-11-r21" \ - org.opencontainers.image.title="ejbca" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.2.0-1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl libaio1 libaudit1 libcap-ng0 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-11.0.22-12-2-linux-${OS_ARCH}-debian-11" \ - "wildfly-26.1.3-20-linux-${OS_ARCH}-debian-11" \ - "mysql-client-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - "ejbca-8.2.0-1-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/ejbca/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="8.2.0-1" \ - BITNAMI_APP_NAME="ejbca" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/wildfly/bin:/opt/bitnami/mysql/bin:/opt/bitnami/ejbca/bin:$PATH" - -EXPOSE 8009 8080 9990 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ejbca/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ejbca/run.sh" ] diff --git a/bitnami/ejbca/8/debian-11/docker-compose.yml b/bitnami/ejbca/8/debian-11/docker-compose.yml deleted file mode 100644 index 83d95634f10f..000000000000 --- a/bitnami/ejbca/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" -services: - mariadb: - image: docker.io/bitnami/mariadb:10.11 - volumes: - - "mariadb_data:/bitnami/mariadb" - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_ejbca - - MARIADB_DATABASE=bitnami_ejbca - - MARIADB_PASSWORD=Bitnami1234 - ejbca: - image: docker.io/bitnami/ejbca:8 - ports: - - 8080:8080 - - 8443:8443 - - 8009:8009 - volumes: - - "wildfly_data:/bitnami/wildfly" - environment: - - EJBCA_DATABASE_HOST=mariadb - - EJBCA_DATABASE_NAME=bitnami_ejbca - - EJBCA_DATABASE_USERNAME=bn_ejbca - - EJBCA_DATABASE_PASSWORD=Bitnami1234 -volumes: - mariadb_data: - driver: local - wildfly_data: - driver: local diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 1333779a252c..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "ejbca": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.0-1-2" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-2" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - }, - "wildfly": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "26.1.3-20" - } -} \ No newline at end of file diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ejbca/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca-env.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca-env.sh deleted file mode 100644 index b73171fe27a6..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca-env.sh +++ /dev/null @@ -1,138 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ejbca - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ejbca}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ejbca_env_vars=( - EJBCA_WILDFLY_ADMIN_USER - EJBCA_WILDFLY_ADMIN_PASSWORD - EJBCA_SERVER_CERT_FILE - EJBCA_SERVER_CERT_PASSWORD - EJBCA_HTTP_PORT_NUMBER - EJBCA_HTTPS_PORT_NUMBER - EJBCA_HTTPS_ADVERTISED_PORT_NUMBER - EJBCA_ADMIN_USERNAME - EJBCA_ADMIN_PASSWORD - EJBCA_DATABASE_HOST - EJBCA_DATABASE_PORT - EJBCA_DATABASE_NAME - EJBCA_DATABASE_USERNAME - EJBCA_DATABASE_PASSWORD - EJBCA_CA_NAME - JAVA_OPTS - EJBCA_SMTP_HOST - EJBCA_SMTP_PORT - EJBCA_SMTP_FROM_ADDRESS - EJBCA_SMTP_TLS - EJBCA_SMTP_USERNAME - EJBCA_SMTP_PASSWORD -) -for env_var in "${ejbca_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ejbca_env_vars - -# Paths -export BITNAMI_VOLUME_DIR="/bitnami" -export EJBCA_BASE_DIR="${BITNAMI_ROOT_DIR}/ejbca" -export EJBCA_BIN_DIR="${EJBCA_BASE_DIR}/bin" -export EJBCA_TMP_DIR="${EJBCA_BASE_DIR}/tmp" -export EJBCA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export EJBCA_DATABASE_SCRIPTS_DIR="${EJBCA_BASE_DIR}/sql-scripts" - -# Persistence -export EJBCA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ejbca" -export EJBCA_WILDFLY_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/wildfly" -export EJBCA_DATA_DIR="${EJBCA_VOLUME_DIR}/tls" - -# DB scripts -export EJBCA_DB_SCRIPT_INDEXES="${EJBCA_DATABASE_SCRIPTS_DIR}/create-index-ejbca.sql" -export EJBCA_DB_SCRIPT_TABLES="${EJBCA_DATABASE_SCRIPTS_DIR}/create-tables-ejbca-mysql.sql" - -# EJBA deployment -export EJBCA_EAR_FILE="${EJBCA_BASE_DIR}/dist/ejbca.ear" - -# Wildfly -export EJBCA_WILDFLY_BASE_DIR="${BITNAMI_ROOT_DIR}/wildfly" -export EJBCA_WILDFLY_TMP_DIR="${EJBCA_WILDFLY_BASE_DIR}/tmp" -export EJBCA_WILDFLY_BIN_DIR="${EJBCA_WILDFLY_BASE_DIR}/bin" -export EJBCA_WILDFLY_CONF_DIR="${EJBCA_WILDFLY_BASE_DIR}/standalone/configuration" -export EJBCA_WILDFLY_PID_DIR="${EJBCA_TMP_DIR}" -export EJBCA_WILDFLY_PID_FILE="${EJBCA_WILDFLY_PID_DIR}/wildfly.pid" -export EJBCA_WILDFLY_DEPLOY_DIR="${EJBCA_WILDFLY_BASE_DIR}/standalone/deployments" -export EJBCA_WILDFLY_ADMIN_USER="${EJBCA_WILDFLY_ADMIN_USER:-admin}" -export EJBCA_WILDFLY_ADMIN_PASSWORD="${EJBCA_WILDFLY_ADMIN_PASSWORD:-}" -export EJBCA_WILDFLY_TRUSTSTORE_FILE="${EJBCA_WILDFLY_CONF_DIR}/truststore.jks" -export EJBCA_WILDFLY_KEYSTORE_FILE="${EJBCA_WILDFLY_CONF_DIR}/keystore.jks" -export EJBCA_WILDFLY_STANDALONE_CONF_FILE="${EJBCA_WILDFLY_BIN_DIR}/standalone.conf" -export EJBCA_WILDFLY_STANDALONE_XML_FILE="${EJBCA_WILDFLY_CONF_DIR}/standalone.xml" - -# Users -export EJBCA_DAEMON_USER="wildfly" -export EJBCA_DAEMON_GROUP="wildfly" - -# Keystores -export EJBCA_WILDFLY_KEYSTORE_PASSWORD_FILE="${EJBCA_WILDFLY_TMP_DIR}/keystore.pwd" -export EJBCA_WILDFLY_TRUSTSTORE_PASSWORD_FILE="${EJBCA_WILDFLY_TMP_DIR}/truststore.pwd" -export EJBCA_WILDFLY_ADMIN_PASSWORD_FILE="${EJBCA_WILDFLY_TMP_DIR}/wildfly_admin.pwd" -export EJBCA_SERVER_CERT_FILE="${EJBCA_SERVER_CERT_FILE:-}" -export EJBCA_SERVER_CERT_PASSWORD="${EJBCA_SERVER_CERT_PASSWORD:-}" -export EJBCA_TEMP_CERT="${EJBCA_TMP_DIR}/cacert.der" - -# Settings -export EJBCA_HTTP_PORT_NUMBER="${EJBCA_HTTP_PORT_NUMBER:-8080}" -export EJBCA_HTTPS_PORT_NUMBER="${EJBCA_HTTPS_PORT_NUMBER:-8443}" -export EJBCA_HTTPS_ADVERTISED_PORT_NUMBER="${EJBCA_HTTPS_ADVERTISED_PORT_NUMBER:-$EJBCA_HTTPS_PORT_NUMBER}" -export EJBCA_ADMIN_USERNAME="${EJBCA_ADMIN_USERNAME:-superadmin}" -export EJBCA_ADMIN_PASSWORD="${EJBCA_ADMIN_PASSWORD:-Bitnami1234}" -export EJBCA_DATABASE_HOST="${EJBCA_DATABASE_HOST:-}" -export EJBCA_DATABASE_PORT="${EJBCA_DATABASE_PORT:-3306}" -export EJBCA_DATABASE_NAME="${EJBCA_DATABASE_NAME:-}" -export EJBCA_DATABASE_USERNAME="${EJBCA_DATABASE_USERNAME:-}" -export EJBCA_DATABASE_PASSWORD="${EJBCA_DATABASE_PASSWORD:-}" -export EJBCA_CA_NAME="${EJBCA_CA_NAME:-ManagementCA}" -export JAVA_OPTS="${JAVA_OPTS:--Xms2048m -Xmx2048m -Djava.net.preferIPv4Stack=true -Dhibernate.dialect=org.hibernate.dialect.MySQL5Dialect -Dhibernate.dialect.storage_engine=innodb}" -export EJBCA_SMTP_HOST="${EJBCA_SMTP_HOST:-localhost}" -export EJBCA_SMTP_PORT="${EJBCA_SMTP_PORT:-25}" -export EJBCA_SMTP_FROM_ADDRESS="${EJBCA_SMTP_FROM_ADDRESS:-user@example.com}" -export EJBCA_SMTP_TLS="${EJBCA_SMTP_TLS:-false}" -export EJBCA_SMTP_USERNAME="${EJBCA_SMTP_USERNAME:-}" -export EJBCA_SMTP_PASSWORD="${EJBCA_SMTP_PASSWORD:-}" - -# EJBCA environment variables. -export EJBCA_HOME="${EJBCA_BASE_DIR}" -export JAVA_HOME="/opt/bitnami/java" -export JBOSS_HOME="${EJBCA_WILDFLY_BASE_DIR}" -export LAUNCH_JBOSS_IN_BACKGROUND="true" -export JBOSS_PIDFILE="${EJBCA_WILDFLY_PID_FILE}" -export EJBCA_WILDFLY_DATA_TO_PERSIST="${EJBCA_WILDFLY_CONF_DIR},${EJBCA_WILDFLY_ADMIN_PASSWORD_FILE},${EJBCA_WILDFLY_BASE_DIR}/standalone/data,${EJBCA_WILDFLY_KEYSTORE_PASSWORD_FILE},${EJBCA_WILDFLY_TRUSTSTORE_PASSWORD_FILE}" - -# Custom environment variables may be defined below diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/entrypoint.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/entrypoint.sh deleted file mode 100755 index 2293e100892d..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libejbca.sh - -# Load ejbca environment variables -. /opt/bitnami/scripts/ejbca-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/ejbca/run.sh"* ]]; then - info "** Starting ejbca setup **" - /opt/bitnami/scripts/ejbca/setup.sh - info "** ejbca setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/postunpack.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/postunpack.sh deleted file mode 100755 index ae9e7862391f..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/postunpack.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libejbca.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load ejbca environment variables -. /opt/bitnami/scripts/ejbca-env.sh - -ensure_user_exists "$EJBCA_DAEMON_USER" --group "$EJBCA_DAEMON_GROUP" --system - -for dir in "$EJBCA_BASE_DIR" "$EJBCA_WILDFLY_BASE_DIR" "$EJBCA_TMP_DIR" "$EJBCA_VOLUME_DIR" \ - "$EJBCA_WILDFLY_VOLUME_DIR" "${EJBCA_WILDFLY_BASE_DIR}/standalone" \ - "${EJBCA_WILDFLY_BASE_DIR}/domain" "$EJBCA_WILDFLY_TMP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "${EJBCA_DAEMON_USER}:root" "$dir" -done - -chmod g+rw "$EJBCA_WILDFLY_STANDALONE_CONF_FILE" diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/run.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/run.sh deleted file mode 100755 index 2cbf78f6b7ff..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/run.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libejbca.sh -. /opt/bitnami/scripts/libos.sh - -# Load ejbca environment variables -. /opt/bitnami/scripts/ejbca-env.sh - -info "** Starting ejbca **" -start_command=("${EJBCA_WILDFLY_BIN_DIR}/standalone.sh" "-b" "0.0.0.0") - -if am_i_root; then - exec_as_user "$EJBCA_DAEMON_USER" "${start_command[@]}" -else - exec "${start_command[@]}" -fi diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/setup.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/setup.sh deleted file mode 100755 index 0800c8aa90a4..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/ejbca/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libejbca.sh - -# Load ejbca environment variables -. /opt/bitnami/scripts/ejbca-env.sh - -# Ensure ejbca environment variables are valid -ejbca_validate - -# Ensure ejbca is initialized -ejbca_initialize - -# Launch init scripts -ejbca_custom_init_scripts diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/libejbca.sh b/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/libejbca.sh deleted file mode 100644 index aacdbcb5623c..000000000000 --- a/bitnami/ejbca/8/debian-11/rootfs/opt/bitnami/scripts/libejbca.sh +++ /dev/null @@ -1,738 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami EBJCA library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libfile.sh - -######################## -# Validate settings in EJBCA_* env. variables -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_validate() { - info "Validating settings in EJBCA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$EJBCA_ADMIN_USERNAME" ]] || [[ -z "$EJBCA_ADMIN_PASSWORD" ]]; then - print_validation_error "The EJBCA administrator user's credentials are mandatory. Set the environment variables EJBCA_ADMIN_USERNAME and EJBCA_ADMIN_PASSWORD with the EJBCA administrator user's credentials." - fi - - if [[ -n "$EJBCA_SERVER_CERT_FILE" ]] && [[ -z "$EJBCA_SERVER_CERT_PASSWORD" ]]; then - print_validation_error "If you indicate a Certificate file, you need to provide its password in EJBCA_SERVER_CERT_PASSWORD." - fi - - if [[ -z "$EJBCA_DATABASE_HOST" ]]; then - print_validation_error "The EJBCA database host is mandatory. Set the environment variables EJBCA_DATABASE_HOST." - fi - - if [[ -z "$EJBCA_DATABASE_PORT" ]]; then - print_validation_error "The EJBCA database port is mandatory. Set the environment variables EJBCA_DATABASE_PORT." - fi - - if [[ -z "$EJBCA_DATABASE_USERNAME" ]]; then - print_validation_error "The EJBCA database username is mandatory. Set the environment variables EJBCA_DATABASE_USERNAME." - fi - - if [[ -z "$EJBCA_DATABASE_PASSWORD" ]]; then - print_validation_error "The EJBCA database password is mandatory. Set the environment variables EJBCA_DATABASE_PASSWORD." - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Run wildfly CLI and print output -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_wildfly_command_print_output() { - local -r cmd="${EJBCA_WILDFLY_BIN_DIR}/jboss-cli.sh" - local -r -a args=("--connect" "-u=${EJBCA_WILDFLY_ADMIN_USER}" "-p=${EJBCA_WILDFLY_ADMIN_PASSWORD}" "$@") - if am_i_root; then - run_as_user "$EJBCA_DAEMON_USER" "$cmd" "${args[@]}" - else - "$cmd" "${args[@]}" - fi -} - -######################## -# Run wildfly CLI -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_wildfly_command() { - debug_execute ejbca_wildfly_command_print_output "$@" -} - -######################## -# Wait until wildfly is ready -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -wait_for_wildfly() { - local -r retries="30" - local -r sleep_time="5" - - if ! retry_while wildfly_not_ready "$retries" "$sleep_time"; then - error "Timeout waiting for Wildfly to be ready" - return 1 - fi -} - -######################## -# Check if the console is not ready -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -wildfly_not_ready() { - local status - - status=$(ejbca_wildfly_command_print_output ":read-attribute(name=server-state)" | grep "result") - [[ "$status" =~ "running" ]] && return 0 || return 1 -} - -######################## -# Configure Wildfly -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_configure_wildfly() { - # The configuration of Wildfly in EJBCA https://doc.primekey.com/ejbca790/ejbca-installation/application-servers/wildfly-24 - info "Creating data source" - local -r pluginJar="$(basename "$EJBCA_WILDFLY_DEPLOY_DIR"/mariadb*)" - ejbca_wildfly_command "data-source add --name=ejbcads --driver-name=\"${pluginJar}\" --connection-url=\"jdbc:mysql://${EJBCA_DATABASE_HOST}:${EJBCA_DATABASE_PORT}/${EJBCA_DATABASE_NAME}\" --jndi-name=\"java:/EjbcaDS\" --use-ccm=true --driver-class=\"org.mariadb.jdbc.Driver\" --user-name=\"${EJBCA_DATABASE_USERNAME}\" --password=\"${EJBCA_DATABASE_PASSWORD}\" --validate-on-match=true --background-validation=false --prepared-statements-cache-size=50 --share-prepared-statements=true --min-pool-size=5 --max-pool-size=150 --pool-prefill=true --transaction-isolation=TRANSACTION_READ_COMMITTED --check-valid-connection-sql=\"select 1;\"" - ejbca_wildfly_command ":reload" - wait_for_wildfly - - info "Configure WildFly Remoting" - ejbca_wildfly_command '/subsystem=remoting/http-connector=http-remoting-connector:write-attribute(name=connector-ref,value=remoting)' - ejbca_wildfly_command '/socket-binding-group=standard-sockets/socket-binding=remoting:add(port=4447,interface=management)' - ejbca_wildfly_command '/subsystem=undertow/server=default-server/http-listener=remoting:add(socket-binding=remoting,enable-http2=true)' - ejbca_wildfly_command ':reload' - wait_for_wildfly - - info "Configure logging" - ejbca_wildfly_command '/subsystem=logging/logger=org.cesecore.audit.impl.log4j.Log4jDevice:add(level=INFO)' - ejbca_wildfly_command '/subsystem=logging/logger=org.ejbca:add(level=INFO)' - ejbca_wildfly_command '/subsystem=logging/logger=org.cesecore:add(level=INFO)' - ejbca_wildfly_command '/subsystem=undertow/server=default-server/host=default-host/setting=access-log:add(pattern="%h %t \"%r\" %s \"%{i,User-Agent}\"", relative-to=jboss.server.log.dir, directory=access-logs)' - ejbca_wildfly_command '/subsystem=logging/logger=io.undertow.accesslog:add(level=INFO)' - - info "Remove the ExampleDS DataSource" - ejbca_wildfly_command '/subsystem=ee/service=default-bindings:remove()' - ejbca_wildfly_command 'data-source remove --name=ExampleDS' - ejbca_wildfly_command ':reload' - wait_for_wildfly - - info "Configure email" - ejbca_wildfly_command "/socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=ejbca-mail-smtp:add(port=\"${EJBCA_SMTP_PORT}\", host=\"${EJBCA_SMTP_HOST}\")" - ejbca_wildfly_command "/subsystem=mail/mail-session=\"java:/EjbcaMail\":add(jndi-name=java:/EjbcaMail, from=\"${EJBCA_SMTP_FROM_ADDRESS}\")" - if [[ -n "$EJBCA_SMTP_USERNAME" ]]; then - ejbca_wildfly_command "/subsystem=mail/mail-session=\"java:/EjbcaMail\"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, tls=${EJBCA_SMTP_TLS}, username=\"${EJBCA_SMTP_USERNAME}\", password=\"${EJBCA_SMTP_PASSWORD}\")" - else - ejbca_wildfly_command "/subsystem=mail/mail-session=\"java:/EjbcaMail\"/server=smtp:add(outbound-socket-binding-ref=ejbca-mail-smtp, tls=${EJBCA_SMTP_TLS})" - fi - ejbca_wildfly_command ':reload' - wait_for_wildfly - - info "Configure redirection" - ejbca_wildfly_command '/subsystem=undertow/server=default-server/host=default-host/location="\/":remove()' - ejbca_wildfly_command '/subsystem=undertow/configuration=handler/file=welcome-content:remove()' - ejbca_wildfly_command ':reload' - ejbca_wildfly_command '/subsystem=undertow/configuration=filter/rewrite=redirect-to-app:add(redirect=true,target="/ejbca/")' - ejbca_wildfly_command "/subsystem=undertow/server=default-server/host=default-host/filter-ref=redirect-to-app:add(predicate=\"method(GET) and not path-prefix('/ejbca/','/crls','/certificates','/.well-known/') and not equals({%{LOCAL_PORT}, 4447})\")" - ejbca_wildfly_command ':reload' - wait_for_wildfly -} - -######################## -# Configure wildfly https parameters -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_configure_wildfly_https() { - info "HTTP(S) Listener Configuration" - ejbca_wildfly_command "/subsystem=undertow/server=default-server/http-listener=default:remove()" - ejbca_wildfly_command "/subsystem=undertow/server=default-server/https-listener=https:remove()" - ejbca_wildfly_command "/socket-binding-group=standard-sockets/socket-binding=http:remove()" - ejbca_wildfly_command "/socket-binding-group=standard-sockets/socket-binding=https:remove()" - ejbca_wildfly_command ":reload" - wait_for_wildfly - - info "Add New Interfaces and Sockets" - ejbca_wildfly_command '/interface=http:add(inet-address="0.0.0.0")' - ejbca_wildfly_command '/interface=httpspub:add(inet-address="0.0.0.0")' - ejbca_wildfly_command '/interface=httpspriv:add(inet-address="0.0.0.0")' - ejbca_wildfly_command "/socket-binding-group=standard-sockets/socket-binding=http:add(port=\"$EJBCA_HTTP_PORT_NUMBER\",interface=\"http\")" - ejbca_wildfly_command '/socket-binding-group=standard-sockets/socket-binding=httpspub:add(port="8442",interface="httpspub")' - ejbca_wildfly_command "/socket-binding-group=standard-sockets/socket-binding=httpspriv:add(port=\"$EJBCA_HTTPS_PORT_NUMBER\",interface=\"httpspriv\")" - - info "Configure TLS" - ejbca_wildfly_command "/subsystem=elytron/key-store=httpsKS:add(path=\"keystore.jks\",relative-to=jboss.server.config.dir,credential-reference={clear-text=\"$EJBCA_KEYSTORE_PASSWORD\"},type=JKS)" - ejbca_wildfly_command "/subsystem=elytron/key-store=httpsTS:add(path=\"truststore.jks\",relative-to=jboss.server.config.dir,credential-reference={clear-text=\"$EJBCA_TRUSTSTORE_PASSWORD\"},type=JKS)" - ejbca_wildfly_command "/subsystem=elytron/key-manager=httpsKM:add(key-store=httpsKS,algorithm=\"SunX509\",credential-reference={clear-text=\"$EJBCA_KEYSTORE_PASSWORD\"})" - ejbca_wildfly_command '/subsystem=elytron/trust-manager=httpsTM:add(key-store=httpsTS)' - ejbca_wildfly_command '/subsystem=elytron/server-ssl-context=httpspub:add(key-manager=httpsKM,protocols=["TLSv1.2"])' - ejbca_wildfly_command '/subsystem=elytron/server-ssl-context=httpspriv:add(key-manager=httpsKM,protocols=["TLSv1.2"],trust-manager=httpsTM,need-client-auth=false,authentication-optional=true,want-client-auth=true)' - - info "Add HTTP(S) and AJP Listeners" - ejbca_wildfly_command '/subsystem=undertow/server=default-server/http-listener=http:add(socket-binding="http", redirect-socket="httpspriv")' - ejbca_wildfly_command '/subsystem=undertow/server=default-server/https-listener=httpspub:add(socket-binding="httpspub", ssl-context="httpspub", max-parameters=2048)' - ejbca_wildfly_command '/subsystem=undertow/server=default-server/https-listener=httpspriv:add(socket-binding="httpspriv", ssl-context="httpspriv", max-parameters=2048)' - ejbca_wildfly_command "/subsystem=undertow/server=default-server/ajp-listener=ajp-listener:add(socket-binding=ajp, scheme=https, enabled=true)" - ejbca_wildfly_command ':reload' - wait_for_wildfly - - info "HTTP Protocol Behavior Configuration" - ejbca_wildfly_command '/system-property=org.apache.catalina.connector.URI_ENCODING:add(value="UTF-8")' - ejbca_wildfly_command '/system-property=org.apache.catalina.connector.USE_BODY_ENCODING_FOR_QUERY_STRING:add(value=true)' - ejbca_wildfly_command '/system-property=org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH:add(value=true)' - ejbca_wildfly_command '/system-property=org.apache.tomcat.util.http.Parameters.MAX_COUNT:add(value=2048)' - ejbca_wildfly_command '/system-property=org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH:add(value=true)' - ejbca_wildfly_command '/subsystem=webservices:write-attribute(name=wsdl-host, value=jbossws.undefined.host)' - ejbca_wildfly_command '/subsystem=webservices:write-attribute(name=modify-wsdl-address, value=true)' - ejbca_wildfly_command ':reload' - wait_for_wildfly -} - -######################## -# Start wildfly in background -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_start_wildfly_bg() { - local -r exec="$EJBCA_WILDFLY_BIN_DIR"/standalone.sh - local args=("-b" "127.0.0.1") - - info "Starting wildfly..." - - if ! is_wildfly_running; then - if am_i_root; then - debug_execute run_as_user "$EJBCA_DAEMON_USER" "${exec}" "${args[@]}" & - else - debug_execute "${exec}" "${args[@]}" & - fi - fi -} - -###################### -# Stop wildfly -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -ejbca_stop_wildfly() { - info "Stopping wildfly..." - ejbca_wildfly_command ":shutdown" - local counter=10 - local pid - pid="$(get_pid_from_file "$EJBCA_WILDFLY_PID_FILE")" - kill "$pid" - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -####################### -# Create wildfly management user -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_create_management_user() { - info "Creating wildfly management user..." - local -r cmd="${EJBCA_WILDFLY_BIN_DIR}/add-user.sh" - local -r -a args=("-u" "$EJBCA_WILDFLY_ADMIN_USER" "-p" "$EJBCA_WILDFLY_ADMIN_PASSWORD" "-s") - - if am_i_root; then - debug_execute run_as_user "$EJBCA_DAEMON_USER" "$cmd" "${args[@]}" - else - debug_execute "$cmd" "${args[@]}" - fi -} - -####################### -# Deploy package in wildfly -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_wildfly_deploy() { - local -r file_to_deploy="${1:?Missing file to deploy}" - deployed_file="${EJBCA_WILDFLY_DEPLOY_DIR}/$(basename "$file_to_deploy").deployed" - local -r retries="30" - local -r sleep_time="5" - - if [[ ! -f "$deployed_file" ]]; then - cp "$file_to_deploy" "$EJBCA_WILDFLY_DEPLOY_DIR"/ - if ! retry_while "test -f ${deployed_file}" "$retries" "$sleep_time" 2>/dev/null; then - error "Timeout deploying ${file_to_deploy} to WildFly: File ${deployed_file} was not generated" - return 1 - fi - info "Deployment done" - else - info "Already deployed" - fi -} - -######################## -# Wait for mysql connection -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -wait_for_mysql_connection() { - database_not_ready() { - echo "select 1" | debug_execute mysql -u"$EJBCA_DATABASE_USERNAME" -p"$EJBCA_DATABASE_PASSWORD" -h"$EJBCA_DATABASE_HOST" -P"$EJBCA_DATABASE_PORT" "$EJBCA_DATABASE_NAME" - } - - if ! retry_while database_not_ready; then - error "Timeout waiting for database to be ready" - return 1 - fi -} - -######################## -# Check if the console is not ready -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_create_database() { - info "Creating database tables and indexes" - # Create database structure - mysql -u"$EJBCA_DATABASE_USERNAME" -p"$EJBCA_DATABASE_PASSWORD" -h"$EJBCA_DATABASE_HOST" -P"$EJBCA_DATABASE_PORT" "$EJBCA_DATABASE_NAME" <"$EJBCA_DB_SCRIPT_TABLES" - mysql -u"$EJBCA_DATABASE_USERNAME" -p"$EJBCA_DATABASE_PASSWORD" -h"$EJBCA_DATABASE_HOST" -P"$EJBCA_DATABASE_PORT" "$EJBCA_DATABASE_NAME" <"$EJBCA_DB_SCRIPT_INDEXES" -} - -######################## -# Generate CA -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_generate_ca() { - local ejbca_ca - local existing_management_ca - local instance_hostname - local end_entity_name - local -r instance_hostname="$(hostname --fqdn)" - - info "Generating CA" - ejbca_ca="$(ejbca_execute_command_print_output ca listcas 2>&1)" - if ! grep -q 'CA Name: ' <<<"$ejbca_ca"; then - info "Init CA" - ejbca_execute_command ca init \ - --dn "CN=$EJBCA_CA_NAME,$EJBCA_BASE_DN" \ - --caname "$EJBCA_CA_NAME" \ - --tokenType "soft" \ - --tokenPass "null" \ - --keytype "$EJBCA_CA_KEYTYPE" \ - --keyspec "$EJBCA_CA_KEYSPEC" \ - -v "$EJBCA_CA_CERT_VALIDITY" \ - --policy "$EJBCA_CA_CERT_POLICY_ID" \ - -s "$EJBCA_CA_CERT_SIGNATURE_ALGORITHM" \ - -type "x509" - - info "Add superadmin user" - ejbca_execute_command ra addendentity \ - --username "$EJBCA_ADMIN_USERNAME" \ - --dn "\"CN=SuperAdmin,$EJBCA_BASE_DN\"" \ - --caname "$EJBCA_CA_NAME" \ - --type 1 \ - --token P12 \ - --password "$EJBCA_ADMIN_PASSWORD" - fi - - ejbca_ca="$(ejbca_execute_command_print_output ca listcas 2>&1)" - if grep -q "CA Name: $EJBCA_CA_NAME" <<<"$ejbca_ca"; then - existing_management_ca="$(grep "CA Name: $EJBCA_CA_NAME" <<<"$ejbca_ca" | sed 's/.*CA Name: //g')" - - if [[ "$existing_management_ca" == "$EJBCA_CA_NAME" ]]; then - - end_entity_name="$instance_hostname" - if [ "$instance_hostname" == "ejbca" ]; then - # Avoid conflicts with the default EJBCA EJB CLI end entity "ejbca" - end_entity_name="ejbca-instance-tls" - fi - - info "Add RA Entity" - ejbca_execute_command ra addendentity \ - --username "$end_entity_name" \ - --dn "\"CN=$instance_hostname,$EJBCA_BASE_DN\"" \ - --caname "$EJBCA_CA_NAME" \ - --type 1 \ - --token JKS \ - --password "$EJBCA_KEYSTORE_PASSWORD" \ - --altname "dnsName=$instance_hostname" \ - --certprofile SERVER - - info "Set RA status to new" - ejbca_execute_command ra setendentitystatus \ - --username "$end_entity_name" \ - -S 10 - - info "Set RA entity password" - ejbca_execute_command ra setclearpwd \ - --username "$end_entity_name" \ - --password "$EJBCA_KEYSTORE_PASSWORD" - - info "Export entity certificate" - ejbca_execute_command batch \ - --username "$end_entity_name" \ - -dir "$EJBCA_TMP_DIR/" - - mv "$EJBCA_TMP_DIR/$end_entity_name.jks" "$EJBCA_WILDFLY_KEYSTORE_FILE" - - ejbca_execute_command roles addrolemember \ - --namespace "" \ - --role "Super Administrator Role" \ - --caname "$EJBCA_CA_NAME" \ - --with "CertificateAuthenticationToken:WITH_COMMONNAME" \ - --value "SuperAdmin" \ - --description "Initial RoleMember." - fi - fi -} - -######################## -# EJBCA CLI and print output -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_execute_command_print_output() { - if am_i_root; then - run_as_user "$EJBCA_DAEMON_USER" "$EJBCA_BIN_DIR"/ejbca.sh "$@" 2>&1 - else - "$EJBCA_BIN_DIR"/ejbca.sh "$@" 2>&1 - fi -} - -######################## -# EJBCA CLI -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_execute_command() { - debug_execute ejbca_execute_command_print_output "$@" -} - -######################## -# Keytool wrapper -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -ejbca_keytool_command() { - keytool "$@" 2>&1 -} - -######################## -# Generate keystores -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_create_truststore() { - local line - local ejbca_ca - local ca_list - - info "Load the CAs in the trustkeystore" - ejbca_ca="$(ejbca_execute_command_print_output ca listcas 2>&1)" - if grep -q 'CA Name: ' <<<"$ejbca_ca"; then - ca_list=("$(grep 'CA Name: ' <<<"$ejbca_ca" | sed 's/.*CA Name: //g')") - for line in "${ca_list[@]}"; do - ejbca_execute_command ca getcacert \ - --caname "$line" \ - -f "$EJBCA_TEMP_CERT" \ - -der - - if [[ -f "$EJBCA_TEMP_CERT" ]]; then - ejbca_keytool_command -alias "$line" \ - -import -trustcacerts \ - -file "$EJBCA_TEMP_CERT" \ - -keystore "$EJBCA_WILDFLY_TRUSTSTORE_FILE" \ - -storepass "$EJBCA_TRUSTSTORE_PASSWORD" \ - -noprompt - rm "$EJBCA_TEMP_CERT" - fi - done - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejbca_custom_init_scripts() { - if [[ -n $(find "${EJBCA_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $EJBCA_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - ejbca_start_wildfly_bg - find "${EJBCA_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - # shellcheck disable=SC1090 - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - ejbca_stop - rm -f "$tmp_file" - else - info "No custom scripts in $EJBCA_INITSCRIPTS_DIR" - fi -} - -######################## -# Sets java_opts -# Globals: -# EJBCA_* -# Arguments: -# None -# Returns: -# None -######################### -ejba_set_java_opts() { - cat >>"$EJBCA_WILDFLY_STANDALONE_CONF_FILE" <"$EJBCA_WILDFLY_KEYSTORE_PASSWORD_FILE" - echo "$EJBCA_TRUSTSTORE_PASSWORD" >"$EJBCA_WILDFLY_TRUSTSTORE_PASSWORD_FILE" - echo "$EJBCA_WILDFLY_ADMIN_PASSWORD" >"$EJBCA_WILDFLY_ADMIN_PASSWORD_FILE" - - ejbca_configure_wildfly_https - - ejbca_stop_wildfly - - persist_app "wildfly" "$EJBCA_WILDFLY_DATA_TO_PERSIST" - else - info "Persisted data detected" - restore_persisted_app "wildfly" "$EJBCA_WILDFLY_DATA_TO_PERSIST" - - # Load keystores passwords - read -r EJBCA_KEYSTORE_PASSWORD <"$EJBCA_WILDFLY_KEYSTORE_PASSWORD_FILE" - read -r EJBCA_TRUSTSTORE_PASSWORD <"$EJBCA_WILDFLY_TRUSTSTORE_PASSWORD_FILE" - read -r EJBCA_WILDFLY_ADMIN_PASSWORD <"$EJBCA_WILDFLY_ADMIN_PASSWORD_FILE" - - # Adapt the MariaDB driver version to the new one - local -r pluginJar="$(basename "$EJBCA_WILDFLY_DEPLOY_DIR"/mariadb*)" - replace_in_file "${EJBCA_WILDFLY_STANDALONE_XML_FILE}" "mariadb-java-client-.*.jar" "${pluginJar}" - - ejbca_start_wildfly_bg - wait_for_wildfly - - info "Deploying EJBCA application" - ejbca_wildfly_deploy "$EJBCA_EAR_FILE" - - ejbca_stop_wildfly - wait_for_mysql_connection - fi -} - -######################## -# Check if Wildfly is running is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_wildfly_running() { - local pid - pid="$(get_pid_from_file "$EJBCA_WILDFLY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if WildFly is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_wildfly_not_running() { - ! is_wildfly_running -} - -######################## -# Stop WildFly -# Arguments: -# None -# Returns: -# None -######################### -wildfly_stop() { - is_wildfly_not_running && return - info "Stopping ejbca" - stop_service_using_pid "$EJBCA_WILDFLY_PID_FILE" -} diff --git a/bitnami/ejbca/8/debian-11/tags-info.yaml b/bitnami/ejbca/8/debian-11/tags-info.yaml deleted file mode 100644 index e99a72c0a82e..000000000000 --- a/bitnami/ejbca/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.2.0-1 -- latest diff --git a/bitnami/elasticsearch-exporter/1/debian-11/Dockerfile b/bitnami/elasticsearch-exporter/1/debian-11/Dockerfile deleted file mode 100644 index c19192951408..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T23:39:49Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.7.0-debian-11-r24" \ - org.opencontainers.image.title="elasticsearch-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.7.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "elasticsearch-exporter-1.7.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.7.0" \ - BITNAMI_APP_NAME="elasticsearch-exporter" \ - PATH="/opt/bitnami/elasticsearch-exporter/bin:$PATH" - -EXPOSE 9114 - -WORKDIR /opt/bitnami/elasticsearch-exporter -USER 1001 -ENTRYPOINT [ "/opt/bitnami/elasticsearch-exporter/bin/elasticsearch_exporter" ] diff --git a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 1995df1dc3bf..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "elasticsearch-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.7.0-5" - } -} \ No newline at end of file diff --git a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/elasticsearch-exporter/1/debian-11/tags-info.yaml b/bitnami/elasticsearch-exporter/1/debian-11/tags-info.yaml deleted file mode 100644 index c12a7a21c494..000000000000 --- a/bitnami/elasticsearch-exporter/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.7.0 -- latest diff --git a/bitnami/elasticsearch/7/debian-11/Dockerfile b/bitnami/elasticsearch/7/debian-11/Dockerfile deleted file mode 100644 index ab041c519a4c..000000000000 --- a/bitnami/elasticsearch/7/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG ELASTICSEARCH_PLUGINS -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T08:27:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.17.18-debian-11-r18" \ - org.opencontainers.image.title="elasticsearch" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.17.18" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/elasticsearch/bin:$PATH" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libasound2-dev libc6 libfreetype6 libfreetype6-dev libgcc1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "elasticsearch-7.17.18-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/elasticsearch/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="7.17.18" \ - BITNAMI_APP_NAME="elasticsearch" \ - ES_JAVA_HOME="/opt/bitnami/java" \ - JAVA_HOME="/opt/bitnami/java" \ - LD_LIBRARY_PATH="/opt/bitnami/elasticsearch/jdk/lib:/opt/bitnami/elasticsearch/jdk/lib/server:$LD_LIBRARY_PATH" - -EXPOSE 9200 9300 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/elasticsearch/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/elasticsearch/run.sh" ] diff --git a/bitnami/elasticsearch/7/debian-11/docker-compose.yml b/bitnami/elasticsearch/7/debian-11/docker-compose.yml deleted file mode 100644 index df84adbab13a..000000000000 --- a/bitnami/elasticsearch/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - elasticsearch: - image: docker.io/bitnami/elasticsearch:7 - ports: - - '9200:9200' - - '9300:9300' - volumes: - - 'elasticsearch_data:/bitnami/elasticsearch/data' -volumes: - elasticsearch_data: - driver: local diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 042940ff86b9..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "elasticsearch": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.17.18-0" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/elasticsearch/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh deleted file mode 100644 index 07d6f54ec130..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh +++ /dev/null @@ -1,254 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for elasticsearch - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-elasticsearch}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -elasticsearch_env_vars=( - ELASTICSEARCH_CERTS_DIR - ELASTICSEARCH_DATA_DIR_LIST - ELASTICSEARCH_BIND_ADDRESS - ELASTICSEARCH_ADVERTISED_HOSTNAME - ELASTICSEARCH_CLUSTER_HOSTS - ELASTICSEARCH_CLUSTER_MASTER_HOSTS - ELASTICSEARCH_CLUSTER_NAME - ELASTICSEARCH_HEAP_SIZE - ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE - ELASTICSEARCH_MAX_ALLOWED_MEMORY - ELASTICSEARCH_MAX_TIMEOUT - ELASTICSEARCH_LOCK_ALL_MEMORY - ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP - ELASTICSEARCH_DISABLE_GC_LOGS - ELASTICSEARCH_IS_DEDICATED_NODE - ELASTICSEARCH_MINIMUM_MASTER_NODES - ELASTICSEARCH_NODE_NAME - ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH - ELASTICSEARCH_NODE_ROLES - ELASTICSEARCH_PLUGINS - ELASTICSEARCH_TRANSPORT_PORT_NUMBER - ELASTICSEARCH_HTTP_PORT_NUMBER - ELASTICSEARCH_ENABLE_SECURITY - ELASTICSEARCH_PASSWORD - ELASTICSEARCH_TLS_VERIFICATION_MODE - ELASTICSEARCH_TLS_USE_PEM - ELASTICSEARCH_KEYSTORE_PASSWORD - ELASTICSEARCH_TRUSTSTORE_PASSWORD - ELASTICSEARCH_KEY_PASSWORD - ELASTICSEARCH_KEYSTORE_LOCATION - ELASTICSEARCH_TRUSTSTORE_LOCATION - ELASTICSEARCH_NODE_CERT_LOCATION - ELASTICSEARCH_NODE_KEY_LOCATION - ELASTICSEARCH_CA_CERT_LOCATION - ELASTICSEARCH_SKIP_TRANSPORT_TLS - ELASTICSEARCH_TRANSPORT_TLS_USE_PEM - ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION - ELASTICSEARCH_ENABLE_REST_TLS - ELASTICSEARCH_HTTP_TLS_USE_PEM - ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD - ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD - ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD - ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION - ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION - ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION - ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION - ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION - ELASTICSEARCH_ENABLE_FIPS_MODE - ELASTICSEARCH_KEYS - ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME - DB_MINIMUM_MANAGER_NODES -) -for env_var in "${elasticsearch_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset elasticsearch_env_vars -export DB_FLAVOR="elasticsearch" - -# Paths -export ELASTICSEARCH_VOLUME_DIR="/bitnami/elasticsearch" -export DB_VOLUME_DIR="$ELASTICSEARCH_VOLUME_DIR" -export ELASTICSEARCH_BASE_DIR="/opt/bitnami/elasticsearch" -export DB_BASE_DIR="$ELASTICSEARCH_BASE_DIR" -export ELASTICSEARCH_CONF_DIR="${DB_BASE_DIR}/config" -export DB_CONF_DIR="$ELASTICSEARCH_CONF_DIR" -export ELASTICSEARCH_CERTS_DIR="${ELASTICSEARCH_CERTS_DIR:-${DB_CONF_DIR}/certs}" -export DB_CERTS_DIR="$ELASTICSEARCH_CERTS_DIR" -export ELASTICSEARCH_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_LOGS_DIR="$ELASTICSEARCH_LOGS_DIR" -export ELASTICSEARCH_PLUGINS_DIR="${DB_BASE_DIR}/plugins" -export DB_PLUGINS_DIR="$ELASTICSEARCH_PLUGINS_DIR" -export ELASTICSEARCH_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_DATA_DIR="$ELASTICSEARCH_DATA_DIR" -export ELASTICSEARCH_DATA_DIR_LIST="${ELASTICSEARCH_DATA_DIR_LIST:-}" -export DB_DATA_DIR_LIST="$ELASTICSEARCH_DATA_DIR_LIST" -export ELASTICSEARCH_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_TMP_DIR="$ELASTICSEARCH_TMP_DIR" -export ELASTICSEARCH_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_BIN_DIR="$ELASTICSEARCH_BIN_DIR" -export ELASTICSEARCH_MOUNTED_PLUGINS_DIR="${DB_VOLUME_DIR}/plugins" -export DB_MOUNTED_PLUGINS_DIR="$ELASTICSEARCH_MOUNTED_PLUGINS_DIR" -export ELASTICSEARCH_CONF_FILE="${DB_CONF_DIR}/elasticsearch.yml" -export DB_CONF_FILE="$ELASTICSEARCH_CONF_FILE" -export ELASTICSEARCH_LOG_FILE="${DB_LOGS_DIR}/elasticsearch.log" -export DB_LOG_FILE="$ELASTICSEARCH_LOG_FILE" -export ELASTICSEARCH_PID_FILE="${DB_TMP_DIR}/elasticsearch.pid" -export DB_PID_FILE="$ELASTICSEARCH_PID_FILE" -export ELASTICSEARCH_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export DB_INITSCRIPTS_DIR="$ELASTICSEARCH_INITSCRIPTS_DIR" -export PATH="${DB_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:$PATH" - -# System users (when running with a privileged user) -export ELASTICSEARCH_DAEMON_USER="elasticsearch" -export DB_DAEMON_USER="$ELASTICSEARCH_DAEMON_USER" -export ELASTICSEARCH_DAEMON_GROUP="elasticsearch" -export DB_DAEMON_GROUP="$ELASTICSEARCH_DAEMON_GROUP" - -# Elasticsearch configuration -export ELASTICSEARCH_BIND_ADDRESS="${ELASTICSEARCH_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$ELASTICSEARCH_BIND_ADDRESS" -export ELASTICSEARCH_ADVERTISED_HOSTNAME="${ELASTICSEARCH_ADVERTISED_HOSTNAME:-}" -export DB_ADVERTISED_HOSTNAME="$ELASTICSEARCH_ADVERTISED_HOSTNAME" -export ELASTICSEARCH_CLUSTER_HOSTS="${ELASTICSEARCH_CLUSTER_HOSTS:-}" -export DB_CLUSTER_HOSTS="$ELASTICSEARCH_CLUSTER_HOSTS" -export ELASTICSEARCH_CLUSTER_MASTER_HOSTS="${ELASTICSEARCH_CLUSTER_MASTER_HOSTS:-}" -export DB_CLUSTER_MASTER_HOSTS="$ELASTICSEARCH_CLUSTER_MASTER_HOSTS" -export ELASTICSEARCH_CLUSTER_NAME="${ELASTICSEARCH_CLUSTER_NAME:-}" -export DB_CLUSTER_NAME="$ELASTICSEARCH_CLUSTER_NAME" -export ELASTICSEARCH_HEAP_SIZE="${ELASTICSEARCH_HEAP_SIZE:-1024m}" -export DB_HEAP_SIZE="$ELASTICSEARCH_HEAP_SIZE" -export ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE="${ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE:-100}" -export DB_MAX_ALLOWED_MEMORY_PERCENTAGE="$ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE" -export ELASTICSEARCH_MAX_ALLOWED_MEMORY="${ELASTICSEARCH_MAX_ALLOWED_MEMORY:-}" -export DB_MAX_ALLOWED_MEMORY="$ELASTICSEARCH_MAX_ALLOWED_MEMORY" -export ELASTICSEARCH_MAX_TIMEOUT="${ELASTICSEARCH_MAX_TIMEOUT:-60}" -export DB_MAX_TIMEOUT="$ELASTICSEARCH_MAX_TIMEOUT" -export ELASTICSEARCH_LOCK_ALL_MEMORY="${ELASTICSEARCH_LOCK_ALL_MEMORY:-no}" -export DB_LOCK_ALL_MEMORY="$ELASTICSEARCH_LOCK_ALL_MEMORY" -export ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP="${ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP:-no}" -export DB_DISABLE_JVM_HEAP_DUMP="$ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP" -export ELASTICSEARCH_DISABLE_GC_LOGS="${ELASTICSEARCH_DISABLE_GC_LOGS:-no}" -export DB_DISABLE_GC_LOGS="$ELASTICSEARCH_DISABLE_GC_LOGS" -export ELASTICSEARCH_IS_DEDICATED_NODE="${ELASTICSEARCH_IS_DEDICATED_NODE:-no}" -export DB_IS_DEDICATED_NODE="$ELASTICSEARCH_IS_DEDICATED_NODE" -ELASTICSEARCH_MINIMUM_MASTER_NODES="${ELASTICSEARCH_MINIMUM_MASTER_NODES:-"${DB_MINIMUM_MANAGER_NODES:-}"}" -export ELASTICSEARCH_MINIMUM_MASTER_NODES="${ELASTICSEARCH_MINIMUM_MASTER_NODES:-}" -export DB_MINIMUM_MASTER_NODES="$ELASTICSEARCH_MINIMUM_MASTER_NODES" -export ELASTICSEARCH_NODE_NAME="${ELASTICSEARCH_NODE_NAME:-}" -export DB_NODE_NAME="$ELASTICSEARCH_NODE_NAME" -export ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH="${ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH:-}" -export DB_FS_SNAPSHOT_REPO_PATH="$ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH" -export ELASTICSEARCH_NODE_ROLES="${ELASTICSEARCH_NODE_ROLES:-}" -export DB_NODE_ROLES="$ELASTICSEARCH_NODE_ROLES" -export ELASTICSEARCH_PLUGINS="${ELASTICSEARCH_PLUGINS:-}" -export DB_PLUGINS="$ELASTICSEARCH_PLUGINS" -export ELASTICSEARCH_TRANSPORT_PORT_NUMBER="${ELASTICSEARCH_TRANSPORT_PORT_NUMBER:-9300}" -export DB_TRANSPORT_PORT_NUMBER="$ELASTICSEARCH_TRANSPORT_PORT_NUMBER" -export ELASTICSEARCH_HTTP_PORT_NUMBER="${ELASTICSEARCH_HTTP_PORT_NUMBER:-9200}" -export DB_HTTP_PORT_NUMBER="$ELASTICSEARCH_HTTP_PORT_NUMBER" - -# Elasticsearch Security configuration -export ELASTICSEARCH_ENABLE_SECURITY="${ELASTICSEARCH_ENABLE_SECURITY:-false}" -export DB_ENABLE_SECURITY="$ELASTICSEARCH_ENABLE_SECURITY" -export ELASTICSEARCH_PASSWORD="${ELASTICSEARCH_PASSWORD:-bitnami}" -export DB_PASSWORD="$ELASTICSEARCH_PASSWORD" -export ELASTICSEARCH_USERNAME="elastic" -export DB_USERNAME="$ELASTICSEARCH_USERNAME" -export ELASTICSEARCH_TLS_VERIFICATION_MODE="${ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}" -export DB_TLS_VERIFICATION_MODE="$ELASTICSEARCH_TLS_VERIFICATION_MODE" -export ELASTICSEARCH_TLS_USE_PEM="${ELASTICSEARCH_TLS_USE_PEM:-false}" -export DB_TLS_USE_PEM="$ELASTICSEARCH_TLS_USE_PEM" -export ELASTICSEARCH_KEYSTORE_PASSWORD="${ELASTICSEARCH_KEYSTORE_PASSWORD:-}" -export DB_KEYSTORE_PASSWORD="$ELASTICSEARCH_KEYSTORE_PASSWORD" -export ELASTICSEARCH_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}" -export DB_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_KEY_PASSWORD="${ELASTICSEARCH_KEY_PASSWORD:-}" -export DB_KEY_PASSWORD="$ELASTICSEARCH_KEY_PASSWORD" -export ELASTICSEARCH_KEYSTORE_LOCATION="${ELASTICSEARCH_KEYSTORE_LOCATION:-${DB_CERTS_DIR}/elasticsearch.keystore.jks}" -export DB_KEYSTORE_LOCATION="$ELASTICSEARCH_KEYSTORE_LOCATION" -export ELASTICSEARCH_TRUSTSTORE_LOCATION="${ELASTICSEARCH_TRUSTSTORE_LOCATION:-${DB_CERTS_DIR}/elasticsearch.truststore.jks}" -export DB_TRUSTSTORE_LOCATION="$ELASTICSEARCH_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_NODE_CERT_LOCATION="${ELASTICSEARCH_NODE_CERT_LOCATION:-${DB_CERTS_DIR}/tls.crt}" -export DB_NODE_CERT_LOCATION="$ELASTICSEARCH_NODE_CERT_LOCATION" -export ELASTICSEARCH_NODE_KEY_LOCATION="${ELASTICSEARCH_NODE_KEY_LOCATION:-${DB_CERTS_DIR}/tls.key}" -export DB_NODE_KEY_LOCATION="$ELASTICSEARCH_NODE_KEY_LOCATION" -export ELASTICSEARCH_CA_CERT_LOCATION="${ELASTICSEARCH_CA_CERT_LOCATION:-${DB_CERTS_DIR}/ca.crt}" -export DB_CA_CERT_LOCATION="$ELASTICSEARCH_CA_CERT_LOCATION" -export ELASTICSEARCH_SKIP_TRANSPORT_TLS="${ELASTICSEARCH_SKIP_TRANSPORT_TLS:-false}" -export DB_SKIP_TRANSPORT_TLS="$ELASTICSEARCH_SKIP_TRANSPORT_TLS" -export ELASTICSEARCH_TRANSPORT_TLS_USE_PEM="${ELASTICSEARCH_TRANSPORT_TLS_USE_PEM:-$DB_TLS_USE_PEM}" -export DB_TRANSPORT_TLS_USE_PEM="$ELASTICSEARCH_TRANSPORT_TLS_USE_PEM" -export ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD:-$DB_KEYSTORE_PASSWORD}" -export DB_TRANSPORT_TLS_KEYSTORE_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD:-$DB_TRUSTSTORE_PASSWORD}" -export DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD:-$DB_KEY_PASSWORD}" -export DB_TRANSPORT_TLS_KEY_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION:-$DB_KEYSTORE_LOCATION}" -export DB_TRANSPORT_TLS_KEYSTORE_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION:-$DB_TRUSTSTORE_LOCATION}" -export DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION:-$DB_NODE_CERT_LOCATION}" -export DB_TRANSPORT_TLS_NODE_CERT_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION:-$DB_NODE_KEY_LOCATION}" -export DB_TRANSPORT_TLS_NODE_KEY_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION:-$DB_CA_CERT_LOCATION}" -export DB_TRANSPORT_TLS_CA_CERT_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION" -export ELASTICSEARCH_ENABLE_REST_TLS="${ELASTICSEARCH_ENABLE_REST_TLS:-true}" -export DB_ENABLE_REST_TLS="$ELASTICSEARCH_ENABLE_REST_TLS" -export ELASTICSEARCH_HTTP_TLS_USE_PEM="${ELASTICSEARCH_HTTP_TLS_USE_PEM:-$DB_TLS_USE_PEM}" -export DB_HTTP_TLS_USE_PEM="$ELASTICSEARCH_HTTP_TLS_USE_PEM" -export ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD="${ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD:-$DB_KEYSTORE_PASSWORD}" -export DB_HTTP_TLS_KEYSTORE_PASSWORD="$ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD:-$DB_TRUSTSTORE_PASSWORD}" -export DB_HTTP_TLS_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD="${ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD:-$DB_KEY_PASSWORD}" -export DB_HTTP_TLS_KEY_PASSWORD="$ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION="${ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION:-$DB_KEYSTORE_LOCATION}" -export DB_HTTP_TLS_KEYSTORE_LOCATION="$ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION" -export ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION="${ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION:-$DB_TRUSTSTORE_LOCATION}" -export DB_HTTP_TLS_TRUSTSTORE_LOCATION="$ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION="${ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION:-$DB_NODE_CERT_LOCATION}" -export DB_HTTP_TLS_NODE_CERT_LOCATION="$ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION" -export ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION="${ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION:-$DB_NODE_KEY_LOCATION}" -export DB_HTTP_TLS_NODE_KEY_LOCATION="$ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION" -export ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION="${ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION:-$DB_CA_CERT_LOCATION}" -export DB_HTTP_TLS_CA_CERT_LOCATION="$ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION" -export ELASTICSEARCH_ENABLE_FIPS_MODE="${ELASTICSEARCH_ENABLE_FIPS_MODE:-false}" -export ELASTICSEARCH_KEYS="${ELASTICSEARCH_KEYS:-}" -export ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME="${ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME:-}" -export DB_ACTION_DESTRUCTIVE_REQUIRES_NAME="$ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME" - -# Custom environment variables may be defined below diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh deleted file mode 100755 index de23359666e1..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/elasticsearch/run.sh" ]]; then - info "** Starting Elasticsearch setup **" - /opt/bitnami/scripts/elasticsearch/setup.sh - info "** Elasticsearch setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh deleted file mode 100755 index e1e213dd0306..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load Elasticsearch environment variables -. /opt/bitnami/scripts/elasticsearch-env.sh - -elasticsearch_healthcheck diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh deleted file mode 100755 index 9fbf3d00c888..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh -. /opt/bitnami/scripts/libfs.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -for dir in "$DB_TMP_DIR" "$DB_DATA_DIR" "$DB_LOGS_DIR" "${DB_BASE_DIR}/plugins" "${DB_BASE_DIR}/modules" "$DB_CONF_DIR" "$DB_VOLUME_DIR" "$DB_INITSCRIPTS_DIR" "$DB_MOUNTED_PLUGINS_DIR"; do - ensure_dir_exists "$dir" - chmod -R ug+rwX "$dir" -done - -elasticsearch_configure_logging - -for dir in "$DB_TMP_DIR" "$DB_DATA_DIR" "$DB_LOGS_DIR" "${DB_BASE_DIR}/plugins" "${DB_BASE_DIR}/modules" "$DB_CONF_DIR" "$DB_VOLUME_DIR" "$DB_INITSCRIPTS_DIR" "$DB_MOUNTED_PLUGINS_DIR"; do - # `elasticsearch-plugin install` command complains about being unable to create the a plugin's directory - # even when having the proper permissions. - # The reason: the code is checking trying to check the permissions by consulting the parent directory owner, - # instead of checking if the ES user actually has writing permissions. - # - # As a workaround, we will ensure the container works (at least) with the non-root user 1001. However, - # until we can avoid this hack, we can't guarantee this container to work on K8s distributions - # where containers are exectued with non-privileged users with random user IDs. - # - # Issue reported at: https://github.com/bitnami/bitnami-docker-elasticsearch/issues/50 - chown -R 1001:0 "$dir" -done - -elasticsearch_install_plugins diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh deleted file mode 100755 index 531b4cc42f07..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh -. /opt/bitnami/scripts/libos.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -# Constants -EXEC=$(command -v elasticsearch) -ARGS=("-p" "$DB_PID_FILE") -[[ -z "${DB_EXTRA_FLAGS:-}" ]] || ARGS=("${ARGS[@]}" "${DB_EXTRA_FLAGS[@]}") -# JAVA_HOME to be deprecated, see warning: -# warning: usage of JAVA_HOME is deprecated, use ES_JAVA_HOME -export JAVA_HOME=/opt/bitnami/java -export ES_JAVA_HOME=/opt/bitnami/java - -ARGS+=("$@") - -info "** Starting Elasticsearch **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${ARGS[@]}" -else - exec "$EXEC" "${ARGS[@]}" -fi diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh deleted file mode 100755 index cdea7cf9f84c..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -# Ensure Elasticsearch environment variables settings are valid -elasticsearch_validate -# Ensure Elasticsearch is stopped when this script ends -trap "elasticsearch_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" -# Ensure Elasticsearch is initialized -elasticsearch_initialize -# Ensure kernel settings are valid -elasticsearch_validate_kernel -# Install Elasticsearch plugins -elasticsearch_install_plugins -# Ensure custom initialization scripts are executed -elasticsearch_custom_init_scripts -# Ensure all the required keys are added after plugins are installed -elasticsearch_set_keys diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh b/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh deleted file mode 100644 index 4713bb5da79b..000000000000 --- a/bitnami/elasticsearch/7/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh +++ /dev/null @@ -1,929 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Elasticsearch library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Configure TLS settings -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_transport_tls_configuration() { - info "Configuring Elasticsearch Transport TLS settings..." - elasticsearch_conf_set xpack.security.transport.ssl.enabled "true" - elasticsearch_conf_set xpack.security.transport.ssl.verification_mode "$DB_TLS_VERIFICATION_MODE" - - if is_boolean_yes "$DB_TRANSPORT_TLS_USE_PEM"; then - debug "Configuring Transport Layer TLS settings using PEM certificates..." - ! is_empty_value "$DB_TRANSPORT_TLS_KEY_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.secure_key_passphrase" "$DB_TRANSPORT_TLS_KEY_PASSWORD" - elasticsearch_conf_set xpack.security.transport.ssl.key "$DB_TRANSPORT_TLS_NODE_KEY_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.certificate "$DB_TRANSPORT_TLS_NODE_CERT_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.certificate_authorities "$DB_TRANSPORT_TLS_CA_CERT_LOCATION" - else - debug "Configuring Transport Layer TLS settings using JKS/PKCS certificates..." - ! is_empty_value "$DB_TRANSPORT_TLS_KEYSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.keystore.secure_password" "$DB_TRANSPORT_TLS_KEYSTORE_PASSWORD" - ! is_empty_value "$DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.truststore.secure_password" "$DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" - elasticsearch_conf_set xpack.security.transport.ssl.keystore.path "$DB_TRANSPORT_TLS_KEYSTORE_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.truststore.path "$DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION" - fi -} - -######################## -# Configure TLS settings -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_http_tls_configuration() { - info "Configuring Elasticsearch HTTP TLS settings..." - elasticsearch_conf_set xpack.security.http.ssl.enabled "true" - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - debug "Configuring REST API TLS settings using PEM certificates..." - ! is_empty_value "$DB_HTTP_TLS_KEY_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.secure_key_passphrase" "$DB_HTTP_TLS_KEY_PASSWORD" - elasticsearch_conf_set xpack.security.http.ssl.key "$DB_HTTP_TLS_NODE_KEY_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.certificate "$DB_HTTP_TLS_NODE_CERT_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.certificate_authorities "$DB_HTTP_TLS_CA_CERT_LOCATION" - else - debug "Configuring REST API TLS settings using JKS/PKCS certificates..." - ! is_empty_value "$DB_HTTP_TLS_KEYSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.keystore.secure_password" "$DB_HTTP_TLS_KEYSTORE_PASSWORD" - ! is_empty_value "$DB_HTTP_TLS_TRUSTSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.truststore.secure_password" "$DB_HTTP_TLS_TRUSTSTORE_PASSWORD" - elasticsearch_conf_set xpack.security.http.ssl.keystore.path "$DB_HTTP_TLS_KEYSTORE_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.truststore.path "$DB_HTTP_TLS_TRUSTSTORE_LOCATION" - fi -} - -######################## -# Migrate old Elasticsearch data -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -migrate_old_data() { - warn "Persisted data follows old structure. Migrating to new one..." - warn "Custom configuration files won't be persisted any longer!" - local old_data_dir="${DB_DATA_DIR}/elasticsearch" - local old_custom_conf_file="${old_data_dir}/conf/elasticsearch_custom.yml" - local custom_conf_file="${DB_CONF_DIR}/elasticsearch_custom.yml" - if [[ -f "$old_custom_conf_file" ]]; then - debug "Adding old custom configuration to user configuration" - echo "" >>"$custom_conf_file" - cat "$old_custom_conf_file" >>"$custom_conf_file" - fi - debug "Adapting data to new file structure" - find "${old_data_dir}/data" -maxdepth 1 -mindepth 1 -exec mv {} "$DB_DATA_DIR" \; - debug "Removing data that is not persisted anymore from persisted directory" - rm -rf "$old_data_dir" "${DB_DATA_DIR}/java" -} - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_KEYS -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_keys() { - read -r -a keys_list <<<"$(tr ',;' ' ' <<<"$ELASTICSEARCH_KEYS")" - if [[ "${#keys_list[@]}" -gt 0 ]]; then - for key_value in "${keys_list[@]}"; do - read -r -a key_value <<<"$(tr '=' ' ' <<<"$key_value")" - local key="${key_value[0]}" - local value="${key_value[1]}" - - elasticsearch_set_key_value "$key" "$value" - done - fi -} - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_key_value() { - local key="${1:?missing key}" - local value="${2:?missing value}" - - debug "Storing key: ${key}" - elasticsearch-keystore add --stdin --force "$key" <<<"$value" - - am_i_root && chown "$DB_DAEMON_USER:$DB_DAEMON_GROUP" "${DB_CONF_DIR}/elasticsearch.keystore" - # Avoid exit code of previous commands to affect the result of this function - true -} - -#!/bin/bash -# -# Bitnami Elasticsearch/Opensearch common library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Write a configuration setting value -# Globals: -# DB_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -elasticsearch_conf_write() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$DB_CONF_FILE" >"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$DB_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$DB_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$DB_CONF_FILE" -} - -######################## -# Set a configuration setting value -# Globals: -# DB_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -elasticsearch_conf_set() { - local key="${1:?missing key}" - shift - local values=("${@}") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "$key" - stderr_print "missing values" - return 1 - elif [[ "${#values[@]}" -eq 1 ]] && [[ -n "${values[0]}" ]]; then - elasticsearch_conf_write "$key" "${values[0]}" - else - for i in "${!values[@]}"; do - if [[ -n "${values[$i]}" ]]; then - elasticsearch_conf_write "${key}[$i]" "${values[$i]}" - fi - done - fi -} - -######################## -# Check if Elasticsearch is running -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_elasticsearch_running() { - local pid - pid="$(get_pid_from_file "$DB_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Check if Elasticsearch is not running -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_elasticsearch_not_running() { - ! is_elasticsearch_running - return "$?" -} - -######################## -# Stop Elasticsearch -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_stop() { - ! is_elasticsearch_running && return - debug "Stopping ${DB_FLAVOR^}..." - stop_service_using_pid "$DB_PID_FILE" -} - -######################## -# Start Elasticsearch and wait until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_start() { - is_elasticsearch_running && return - - debug "Starting ${DB_FLAVOR^}..." - local command=("${DB_BASE_DIR}/bin/${DB_FLAVOR}" "-d" "-p" "$DB_PID_FILE") - am_i_root && command=("run_as_user" "$DB_DAEMON_USER" "${command[@]}") - if [[ "$BITNAMI_DEBUG" = true ]]; then - "${command[@]}" & - else - "${command[@]}" >/dev/null 2>&1 & - fi - - local retries=50 - local seconds=2 - # Check the process is running - retry_while "is_elasticsearch_running" "$retries" "$seconds" - # Check Elasticsearch API is reachable - retry_while "elasticsearch_healthcheck" "$retries" "$seconds" -} - -######################## -# Validate kernel settings -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_validate_kernel() { - # Auxiliary functions - validate_sysctl_key() { - local key="${1:?key is missing}" - local value="${2:?value is missing}" - local current_value - current_value="$(sysctl -n "$key")" - if [[ "$current_value" -lt "$value" ]]; then - error "Invalid kernel settings. ${DB_FLAVOR^} requires at least: $key = $value" - exit 1 - fi - } - - debug "Validating Kernel settings..." - if [[ $(yq eval .index.store.type "$DB_CONF_FILE") ]]; then - debug "Custom index.store.type found in the config file. Skipping kernel validation..." - else - validate_sysctl_key "fs.file-max" 65536 - fi - if [[ $(yq eval .node.store.allow_mmap "$DB_CONF_FILE") ]]; then - debug "Custom node.store.allow_mmap found in the config file. Skipping kernel validation..." - else - validate_sysctl_key "vm.max_map_count" 262144 - fi -} - -######################## -# Validate settings in DB_* env vars -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_validate() { - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - validate_node_roles() { - if [ -n "$DB_NODE_ROLES" ]; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - local master_role="master" - [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]] && master_role="cluster_manager" - if [[ "${#roles_list[@]}" -le 0 ]]; then - warn "Setting ${DB_FLAVOR^^}_NODE_ROLES is empty and ${DB_FLAVOR^^}_IS_DEDICATED_NODE is set to true, ${DB_FLAVOR^} will be configured as coordinating-only node." - fi - for role in "${roles_list[@]}"; do - case "$role" in - "$master_role" | data | data_content | data_hot | data_warm | data_cold | data_frozen | ingest | ml | remote_cluster_client | transform) ;; - - *) - print_validation_error "Invalid node role '$role'. Supported roles are '${master_role},data,data_content,data_hot,data_warm,data_cold,data_frozen,ingest,ml,remote_cluster_client,transform'" - ;; - esac - done - fi - } - - debug "Ensuring expected directories/files exist..." - am_i_root && ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_PLUGINS_DIR" "$DB_BASE_DIR/modules" "$DB_CONF_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$DB_DAEMON_USER:$DB_DAEMON_GROUP" "$dir" - done - - debug "Validating settings in DB_* env vars..." - for var in "DB_HTTP_PORT_NUMBER" "DB_TRANSPORT_PORT_NUMBER"; do - if ! err=$(validate_port "${!var}"); then - print_validation_error "An invalid port was specified in the environment variable $var: $err" - fi - done - - if ! is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - warn "Setting ${DB_FLAVOR^^}_IS_DEDICATED_NODE is disabled." - warn "${DB_FLAVOR^^}_NODE_ROLES will be ignored and ${DB_FLAVOR^} will asume all different roles." - else - validate_node_roles - fi - - if [[ -n "$DB_BIND_ADDRESS" ]] && ! validate_ipv4 "$DB_BIND_ADDRESS"; then - print_validation_error "The Bind Address specified in the environment variable ${DB_FLAVOR^^}_BIND_ADDRESS is not a valid IPv4" - fi - - if is_boolean_yes "$DB_ENABLE_SECURITY"; then - if [[ "$DB_FLAVOR" = "opensearch" ]]; then - if [[ ! -f "$OPENSEARCH_SECURITY_ADMIN_KEY_LOCATION" ]] || [[ ! -f "$OPENSEARCH_SECURITY_ADMIN_CERT_LOCATION" ]]; then - print_validation_error "In order to enable Opensearch Security, you must provide a valid admin PEM key and certificate." - fi - if is_empty_value "$OPENSEARCH_SECURITY_NODES_DN"; then - print_validation_error "The variable OPENSEARCH_SECURITY_NODES_DN is required." - fi - if is_empty_value "$OPENSEARCH_SECURITY_ADMIN_DN"; then - print_validation_error "The variable OPENSEARCH_SECURITY_ADMIN_DN is required." - fi - if ! is_boolean_yes "$OPENSEARCH_ENABLE_REST_TLS"; then - print_validation_error "Opensearch does not support plaintext conections (HTTP) when Security is enabled." - fi - fi - if ! is_boolean_yes "$DB_SKIP_TRANSPORT_TLS"; then - if is_boolean_yes "$DB_TRANSPORT_TLS_USE_PEM"; then - if [[ ! -f "$DB_TRANSPORT_TLS_NODE_CERT_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_NODE_KEY_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} Transport you must provide your node key, certificate and a valid certification_authority certificate." - fi - elif [[ ! -f "$DB_TRANSPORT_TLS_KEYSTORE_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} Transport with JKS/PKCS12 certs you must mount a valid keystore and truststore." - fi - fi - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - if [[ ! -f "$DB_HTTP_TLS_NODE_CERT_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_NODE_KEY_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} you must provide your node key, certificate and a valid certification_authority certificate." - fi - elif [[ ! -f "$DB_HTTP_TLS_KEYSTORE_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} with JKS/PKCS12 certs you must mount a valid keystore and truststore." - fi - fi - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Determine the hostname by which Elasticsearch can be contacted -# Returns: -# The value of $DB_ADVERTISED_HOSTNAME or the current host address -######################## -get_elasticsearch_hostname() { - if [[ -n "$DB_ADVERTISED_HOSTNAME" ]]; then - echo "$DB_ADVERTISED_HOSTNAME" - else - get_machine_ip - fi -} - -######################## -# Evaluates the env variable DB_NODE_ROLES and replaces master with -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array of node roles -######################### -get_elasticsearch_roles() { - read -r -a roles_list_tmp <<<"$(tr ',;' ' ' <<<"$DB_NODE_ROLES")" - roles_list=("${roles_list_tmp[@]}") - for i in "${!roles_list[@]}"; do - if [[ ${roles_list[$i]} == "master" ]] && [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]]; then - roles_list[i]="cluster_manager" - fi - done - echo "${roles_list[@]}" -} - -######################## -# Configure cluster settings -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_cluster_configuration() { - # Auxiliary functions - bind_address() { - if [[ -n "$DB_BIND_ADDRESS" ]]; then - echo "$DB_BIND_ADDRESS" - else - echo "0.0.0.0" - fi - } - - is_node_master() { - if is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - if [ -n "$DB_NODE_ROLES" ]; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - if [[ " ${roles_list[*]} " = *" master "* ]]; then - true - elif [[ "$DB_FLAVOR" = "opensearch" && " ${roles_list[*]} " = *" cluster_manager "* ]]; then - true - else - false - fi - else - false - fi - else - true - fi - } - - info "Configuring ${DB_FLAVOR^} cluster settings..." - elasticsearch_conf_set network.host "$(get_elasticsearch_hostname)" - elasticsearch_conf_set network.publish_host "$(get_elasticsearch_hostname)" - elasticsearch_conf_set network.bind_host "$(bind_address)" - elasticsearch_conf_set cluster.name "$DB_CLUSTER_NAME" - elasticsearch_conf_set node.name "${DB_NODE_NAME:-$(hostname)}" - - if [[ -n "$DB_CLUSTER_HOSTS" ]]; then - read -r -a host_list <<<"$(tr ',;' ' ' <<<"$DB_CLUSTER_HOSTS")" - master_list=("${host_list[@]}") - if [[ -n "$DB_CLUSTER_MASTER_HOSTS" ]]; then - read -r -a master_list <<<"$(tr ',;' ' ' <<<"$DB_CLUSTER_MASTER_HOSTS")" - fi - elasticsearch_conf_set discovery.seed_hosts "${host_list[@]}" - if is_node_master; then - if [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]]; then - elasticsearch_conf_set cluster.initial_cluster_manager_nodes "${master_list[@]}" - else - elasticsearch_conf_set cluster.initial_master_nodes "${master_list[@]}" - fi - fi - elasticsearch_conf_set discovery.initial_state_timeout "10m" - else - elasticsearch_conf_set "discovery.type" "single-node" - fi -} - -######################## -# Extend cluster settings with custom, user-provided config -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_custom_configuration() { - local custom_conf_file="${DB_CONF_DIR}/my_${DB_FLAVOR}.yml" - local -r tempfile=$(mktemp) - [[ ! -s "$custom_conf_file" ]] && return - info "Adding custom configuration" - yq eval-all 'select(fileIndex == 0) * select(fileIndex == 1)' "$DB_CONF_FILE" "$custom_conf_file" >"$tempfile" - cp "$tempfile" "$DB_CONF_FILE" -} - -######################## -# Configure node roles. -# There are 3 scenarios: -# * If DB_IS_DEDICATED_NODE is disabled, 'node.roles' is omitted and assumes all the roles (check docs). -# * Otherwise, 'node.roles' with a list of roles provided with DB_NODE_ROLES. -# * In addition, if DB_NODE_ROLES is empty, node.roles will be configured empty, meaning that the role is 'coordinating-only'. -# -# Docs ref: https://www.elastic.co/guide/en/opensearch/reference/current/modules-node.html -# -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_configure_node_roles() { - debug "Configure ${DB_FLAVOR^} Node roles..." - - local set_repo_path="no" - if is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - if [[ "${#roles_list[@]}" -eq 0 ]]; then - elasticsearch_conf_write node.roles "[]" int - else - elasticsearch_conf_set node.roles "${roles_list[@]}" - for role in "${roles_list[@]}"; do - case "$role" in - cluster_manager | master | data | data_content | data_hot | data_warm | data_cold | data_frozen) - set_repo_path="yes" - ;; - *) ;; - esac - done - fi - else - set_repo_path="yes" - fi - - if is_boolean_yes "$set_repo_path" && [[ -n "$DB_FS_SNAPSHOT_REPO_PATH" ]]; then - # Configure path.repo to restore snapshots from system repository - # It must be set on every cluster_manager an data node - # ref: https://www.elastic.co/guide/en/opensearch/reference/current/snapshots-register-repository.html#snapshots-filesystem-repository - elasticsearch_conf_set path.repo "$DB_FS_SNAPSHOT_REPO_PATH" - fi -} - -######################## -# Configure Heap Size -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_heap_size() { - local heap_size - - # Remove heap.options if it already exists - rm -f "${DB_CONF_DIR}/jvm.options.d/heap.options" - - if [[ -n "$DB_HEAP_SIZE" ]]; then - debug "Using specified values for Xmx and Xms heap options..." - heap_size="$DB_HEAP_SIZE" - else - debug "Calculating appropriate Xmx and Xms values..." - local machine_mem="" - machine_mem="$(get_total_memory)" - if [[ "$machine_mem" -lt 65536 ]]; then - local max_allowed_memory - local calculated_heap_size - calculated_heap_size="$((machine_mem / 2))" - max_allowed_memory="$((DB_MAX_ALLOWED_MEMORY_PERCENTAGE * machine_mem))" - max_allowed_memory="$((max_allowed_memory / 100))" - # Allow for absolute memory limit when calculating limit from percentage - if [[ -n "$DB_MAX_ALLOWED_MEMORY" && "$max_allowed_memory" -gt "$DB_MAX_ALLOWED_MEMORY" ]]; then - max_allowed_memory="$DB_MAX_ALLOWED_MEMORY" - fi - if [[ "$calculated_heap_size" -gt "$max_allowed_memory" ]]; then - info "Calculated Java heap size of ${calculated_heap_size} will be limited to ${max_allowed_memory}" - calculated_heap_size="$max_allowed_memory" - fi - heap_size="${calculated_heap_size}m" - - else - heap_size=32768m - fi - fi - debug "Setting '-Xmx${heap_size} -Xms${heap_size}' heap options..." - cat >"${DB_CONF_DIR}/jvm.options.d/heap.options" < plugin - # get_plugin_name file://plugin.zip -> plugin - # get_plugin_name http://plugin-0.1.2.zip -> plugin - get_plugin_name() { - local plugin="${1:?missing plugin}" - # Remove any paths, and strip both the .zip extension and the version - basename "$plugin" | sed -E -e 's/.zip$//' -e 's/-[0-9]+\.[0-9]+(\.[0-9]+){0,}$//' - } - - # Collect plugins that should be installed offline - read -r -a mounted_plugins <<<"$(find "$DB_MOUNTED_PLUGINS_DIR" -type f -name "*.zip" -print0 | xargs -0)" - if [[ "${#mounted_plugins[@]}" -gt 0 ]]; then - for plugin in "${mounted_plugins[@]}"; do - plugins_list+=("file://${plugin}") - done - fi - - # Skip if there isn't any plugin to install - [[ -z "${plugins_list[*]:-}" ]] && return - - # Install plugins - debug "Installing plugins: ${plugins_list[*]}" - for plugin in "${plugins_list[@]}"; do - plugin_name="$(get_plugin_name "$plugin")" - [[ -n "$mandatory_plugins" ]] && mandatory_plugins="${mandatory_plugins},${plugin_name}" || mandatory_plugins="$plugin_name" - - # Check if the plugin was already installed - if [[ -d "${DB_PLUGINS_DIR}/${plugin_name}" ]]; then - debug "Plugin already installed: ${plugin}" - continue - fi - - debug "Installing plugin: ${plugin}" - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "$cmd" install -b -v "$plugin" - else - "$cmd" install -b -v "$plugin" >/dev/null 2>&1 - fi - done - - # Mark plugins as mandatory - elasticsearch_conf_set plugin.mandatory "$mandatory_plugins" -} - -######################## -# Run custom initialization scripts -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_custom_init_scripts() { - read -r -a init_scripts <<<"$(find "$DB_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$DB_VOLUME_DIR"/.user_scripts_initialized ]]; then - info "Loading user's custom files from $DB_INITSCRIPTS_DIR" - for f in "${init_scripts[@]}"; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$DB_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Modify log4j2.properties to send events to stdout instead of a logfile -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_configure_logging() { - # Back up the original file for users who'd like to use logfile logging - cp "${DB_CONF_DIR}/log4j2.properties" "${DB_CONF_DIR}/log4j2.file.properties" - - # Replace RollingFile with Console - replace_in_file "${DB_CONF_DIR}/log4j2.properties" "RollingFile" "Console" - - local -a delete_patterns=( - # Remove RollingFile specific settings - "^.*\.policies\..*$" "^.*\.filePattern.*$" "^.*\.fileName.*$" "^.*\.strategy\..*$" - # Remove headers - "^###.*$" - # Remove .log and .json because of multiline configurations (filename) - "^\s\s.*\.log" "^\s\s.*\.json" - # Remove default rolling logger and references - "^appender\.rolling" "appenderRef\.rolling" - # Remove _old loggers - "_old\." - # Remove .filePermissions config - "\.filePermissions" - ) - for pattern in "${delete_patterns[@]}"; do - remove_in_file "${DB_CONF_DIR}/log4j2.properties" "$pattern" - done -} - -######################## -# Check Elasticsearch/Opensearch health -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# 0 when healthy (or waiting for Opensearch security bootstrap) -# 1 when unhealthy -######################### -elasticsearch_healthcheck() { - info "Checking ${DB_FLAVOR^} health..." - local -r cmd="curl" - local command_args=("--silent" "--write-out" "%{http_code}") - local protocol="http" - local host - - host=$(get_elasticsearch_hostname) - - if is_boolean_yes "$DB_ENABLE_SECURITY"; then - command_args+=("-k" "--user" "${DB_USERNAME}:${DB_PASSWORD}") - is_boolean_yes "$DB_ENABLE_REST_TLS" && protocol="https" - fi - - # Combination of --silent, --output and --write-out allows us to obtain both the status code and the request body - output=$(mktemp) - command_args+=("-o" "$output" "${protocol}://${host}:${DB_HTTP_PORT_NUMBER}/_cluster/health?local=true") - HTTP_CODE=$("$cmd" "${command_args[@]}") - if [[ ${HTTP_CODE} -ge 200 && ${HTTP_CODE} -le 299 ]] || ([[ "$DB_FLAVOR" = "opensearch" ]] && [[ ${HTTP_CODE} -eq 503 ]] && grep -q "OpenSearch Security not initialized" "$output" ); then - rm "$output" - return 0 - else - rm "$output" - return 1 - fi -} diff --git a/bitnami/elasticsearch/7/debian-11/tags-info.yaml b/bitnami/elasticsearch/7/debian-11/tags-info.yaml deleted file mode 100644 index 8f5f9baf2f60..000000000000 --- a/bitnami/elasticsearch/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.17.18 diff --git a/bitnami/elasticsearch/8/debian-11/Dockerfile b/bitnami/elasticsearch/8/debian-11/Dockerfile deleted file mode 100644 index 0eab2ae4646d..000000000000 --- a/bitnami/elasticsearch/8/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG ELASTICSEARCH_PLUGINS -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T00:37:53Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.12.1-debian-11-r20" \ - org.opencontainers.image.title="elasticsearch" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.12.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/elasticsearch/bin:$PATH" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libasound2-dev libc6 libfreetype6 libfreetype6-dev libgcc1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "elasticsearch-8.12.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/elasticsearch/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="8.12.1" \ - BITNAMI_APP_NAME="elasticsearch" \ - ES_JAVA_HOME="/opt/bitnami/java" \ - JAVA_HOME="/opt/bitnami/java" \ - LD_LIBRARY_PATH="/opt/bitnami/elasticsearch/jdk/lib:/opt/bitnami/elasticsearch/jdk/lib/server:$LD_LIBRARY_PATH" - -EXPOSE 9200 9300 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/elasticsearch/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/elasticsearch/run.sh" ] diff --git a/bitnami/elasticsearch/8/debian-11/docker-compose.yml b/bitnami/elasticsearch/8/debian-11/docker-compose.yml deleted file mode 100644 index 9e0079e4f779..000000000000 --- a/bitnami/elasticsearch/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - elasticsearch: - image: docker.io/bitnami/elasticsearch:8 - ports: - - '9200:9200' - - '9300:9300' - volumes: - - 'elasticsearch_data:/bitnami/elasticsearch/data' -volumes: - elasticsearch_data: - driver: local diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8fc9fff5f695..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "elasticsearch": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.12.1-1" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/elasticsearch/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh deleted file mode 100644 index 425a7035a886..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch-env.sh +++ /dev/null @@ -1,256 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for elasticsearch - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-elasticsearch}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -elasticsearch_env_vars=( - ELASTICSEARCH_CERTS_DIR - ELASTICSEARCH_DATA_DIR_LIST - ELASTICSEARCH_BIND_ADDRESS - ELASTICSEARCH_ADVERTISED_HOSTNAME - ELASTICSEARCH_CLUSTER_HOSTS - ELASTICSEARCH_CLUSTER_MASTER_HOSTS - ELASTICSEARCH_CLUSTER_NAME - ELASTICSEARCH_HEAP_SIZE - ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE - ELASTICSEARCH_MAX_ALLOWED_MEMORY - ELASTICSEARCH_MAX_TIMEOUT - ELASTICSEARCH_LOCK_ALL_MEMORY - ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP - ELASTICSEARCH_DISABLE_GC_LOGS - ELASTICSEARCH_IS_DEDICATED_NODE - ELASTICSEARCH_MINIMUM_MASTER_NODES - ELASTICSEARCH_NODE_NAME - ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH - ELASTICSEARCH_NODE_ROLES - ELASTICSEARCH_PLUGINS - ELASTICSEARCH_TRANSPORT_PORT_NUMBER - ELASTICSEARCH_HTTP_PORT_NUMBER - ELASTICSEARCH_ENABLE_SECURITY - ELASTICSEARCH_PASSWORD - ELASTICSEARCH_TLS_VERIFICATION_MODE - ELASTICSEARCH_TLS_USE_PEM - ELASTICSEARCH_KEYSTORE_PASSWORD - ELASTICSEARCH_TRUSTSTORE_PASSWORD - ELASTICSEARCH_KEY_PASSWORD - ELASTICSEARCH_KEYSTORE_LOCATION - ELASTICSEARCH_TRUSTSTORE_LOCATION - ELASTICSEARCH_NODE_CERT_LOCATION - ELASTICSEARCH_NODE_KEY_LOCATION - ELASTICSEARCH_CA_CERT_LOCATION - ELASTICSEARCH_SKIP_TRANSPORT_TLS - ELASTICSEARCH_TRANSPORT_TLS_USE_PEM - ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD - ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION - ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION - ELASTICSEARCH_ENABLE_REST_TLS - ELASTICSEARCH_HTTP_TLS_USE_PEM - ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD - ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD - ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD - ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION - ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION - ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION - ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION - ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION - ELASTICSEARCH_ENABLE_FIPS_MODE - ELASTICSEARCH_KEYS - ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME - DB_MINIMUM_MANAGER_NODES -) -for env_var in "${elasticsearch_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset elasticsearch_env_vars -export DB_FLAVOR="elasticsearch" - -# Paths -export ELASTICSEARCH_VOLUME_DIR="/bitnami/elasticsearch" -export DB_VOLUME_DIR="$ELASTICSEARCH_VOLUME_DIR" -export ELASTICSEARCH_BASE_DIR="/opt/bitnami/elasticsearch" -export DB_BASE_DIR="$ELASTICSEARCH_BASE_DIR" -export ELASTICSEARCH_CONF_DIR="${DB_BASE_DIR}/config" -export DB_CONF_DIR="$ELASTICSEARCH_CONF_DIR" -export ELASTICSEARCH_CERTS_DIR="${ELASTICSEARCH_CERTS_DIR:-${DB_CONF_DIR}/certs}" -export DB_CERTS_DIR="$ELASTICSEARCH_CERTS_DIR" -export ELASTICSEARCH_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_LOGS_DIR="$ELASTICSEARCH_LOGS_DIR" -export ELASTICSEARCH_PLUGINS_DIR="${DB_BASE_DIR}/plugins" -export DB_PLUGINS_DIR="$ELASTICSEARCH_PLUGINS_DIR" -export ELASTICSEARCH_DEFAULT_PLUGINS_DIR="${DB_BASE_DIR}/plugins.default" -export DB_DEFAULT_PLUGINS_DIR="$ELASTICSEARCH_DEFAULT_PLUGINS_DIR" -export ELASTICSEARCH_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_DATA_DIR="$ELASTICSEARCH_DATA_DIR" -export ELASTICSEARCH_DATA_DIR_LIST="${ELASTICSEARCH_DATA_DIR_LIST:-}" -export DB_DATA_DIR_LIST="$ELASTICSEARCH_DATA_DIR_LIST" -export ELASTICSEARCH_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_TMP_DIR="$ELASTICSEARCH_TMP_DIR" -export ELASTICSEARCH_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_BIN_DIR="$ELASTICSEARCH_BIN_DIR" -export ELASTICSEARCH_MOUNTED_PLUGINS_DIR="${DB_VOLUME_DIR}/plugins" -export DB_MOUNTED_PLUGINS_DIR="$ELASTICSEARCH_MOUNTED_PLUGINS_DIR" -export ELASTICSEARCH_CONF_FILE="${DB_CONF_DIR}/elasticsearch.yml" -export DB_CONF_FILE="$ELASTICSEARCH_CONF_FILE" -export ELASTICSEARCH_LOG_FILE="${DB_LOGS_DIR}/elasticsearch.log" -export DB_LOG_FILE="$ELASTICSEARCH_LOG_FILE" -export ELASTICSEARCH_PID_FILE="${DB_TMP_DIR}/elasticsearch.pid" -export DB_PID_FILE="$ELASTICSEARCH_PID_FILE" -export ELASTICSEARCH_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export DB_INITSCRIPTS_DIR="$ELASTICSEARCH_INITSCRIPTS_DIR" -export PATH="${DB_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:$PATH" - -# System users (when running with a privileged user) -export ELASTICSEARCH_DAEMON_USER="elasticsearch" -export DB_DAEMON_USER="$ELASTICSEARCH_DAEMON_USER" -export ELASTICSEARCH_DAEMON_GROUP="elasticsearch" -export DB_DAEMON_GROUP="$ELASTICSEARCH_DAEMON_GROUP" - -# Elasticsearch configuration -export ELASTICSEARCH_BIND_ADDRESS="${ELASTICSEARCH_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$ELASTICSEARCH_BIND_ADDRESS" -export ELASTICSEARCH_ADVERTISED_HOSTNAME="${ELASTICSEARCH_ADVERTISED_HOSTNAME:-}" -export DB_ADVERTISED_HOSTNAME="$ELASTICSEARCH_ADVERTISED_HOSTNAME" -export ELASTICSEARCH_CLUSTER_HOSTS="${ELASTICSEARCH_CLUSTER_HOSTS:-}" -export DB_CLUSTER_HOSTS="$ELASTICSEARCH_CLUSTER_HOSTS" -export ELASTICSEARCH_CLUSTER_MASTER_HOSTS="${ELASTICSEARCH_CLUSTER_MASTER_HOSTS:-}" -export DB_CLUSTER_MASTER_HOSTS="$ELASTICSEARCH_CLUSTER_MASTER_HOSTS" -export ELASTICSEARCH_CLUSTER_NAME="${ELASTICSEARCH_CLUSTER_NAME:-}" -export DB_CLUSTER_NAME="$ELASTICSEARCH_CLUSTER_NAME" -export ELASTICSEARCH_HEAP_SIZE="${ELASTICSEARCH_HEAP_SIZE:-1024m}" -export DB_HEAP_SIZE="$ELASTICSEARCH_HEAP_SIZE" -export ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE="${ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE:-100}" -export DB_MAX_ALLOWED_MEMORY_PERCENTAGE="$ELASTICSEARCH_MAX_ALLOWED_MEMORY_PERCENTAGE" -export ELASTICSEARCH_MAX_ALLOWED_MEMORY="${ELASTICSEARCH_MAX_ALLOWED_MEMORY:-}" -export DB_MAX_ALLOWED_MEMORY="$ELASTICSEARCH_MAX_ALLOWED_MEMORY" -export ELASTICSEARCH_MAX_TIMEOUT="${ELASTICSEARCH_MAX_TIMEOUT:-60}" -export DB_MAX_TIMEOUT="$ELASTICSEARCH_MAX_TIMEOUT" -export ELASTICSEARCH_LOCK_ALL_MEMORY="${ELASTICSEARCH_LOCK_ALL_MEMORY:-no}" -export DB_LOCK_ALL_MEMORY="$ELASTICSEARCH_LOCK_ALL_MEMORY" -export ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP="${ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP:-no}" -export DB_DISABLE_JVM_HEAP_DUMP="$ELASTICSEARCH_DISABLE_JVM_HEAP_DUMP" -export ELASTICSEARCH_DISABLE_GC_LOGS="${ELASTICSEARCH_DISABLE_GC_LOGS:-no}" -export DB_DISABLE_GC_LOGS="$ELASTICSEARCH_DISABLE_GC_LOGS" -export ELASTICSEARCH_IS_DEDICATED_NODE="${ELASTICSEARCH_IS_DEDICATED_NODE:-no}" -export DB_IS_DEDICATED_NODE="$ELASTICSEARCH_IS_DEDICATED_NODE" -ELASTICSEARCH_MINIMUM_MASTER_NODES="${ELASTICSEARCH_MINIMUM_MASTER_NODES:-"${DB_MINIMUM_MANAGER_NODES:-}"}" -export ELASTICSEARCH_MINIMUM_MASTER_NODES="${ELASTICSEARCH_MINIMUM_MASTER_NODES:-}" -export DB_MINIMUM_MASTER_NODES="$ELASTICSEARCH_MINIMUM_MASTER_NODES" -export ELASTICSEARCH_NODE_NAME="${ELASTICSEARCH_NODE_NAME:-}" -export DB_NODE_NAME="$ELASTICSEARCH_NODE_NAME" -export ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH="${ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH:-}" -export DB_FS_SNAPSHOT_REPO_PATH="$ELASTICSEARCH_FS_SNAPSHOT_REPO_PATH" -export ELASTICSEARCH_NODE_ROLES="${ELASTICSEARCH_NODE_ROLES:-}" -export DB_NODE_ROLES="$ELASTICSEARCH_NODE_ROLES" -export ELASTICSEARCH_PLUGINS="${ELASTICSEARCH_PLUGINS:-}" -export DB_PLUGINS="$ELASTICSEARCH_PLUGINS" -export ELASTICSEARCH_TRANSPORT_PORT_NUMBER="${ELASTICSEARCH_TRANSPORT_PORT_NUMBER:-9300}" -export DB_TRANSPORT_PORT_NUMBER="$ELASTICSEARCH_TRANSPORT_PORT_NUMBER" -export ELASTICSEARCH_HTTP_PORT_NUMBER="${ELASTICSEARCH_HTTP_PORT_NUMBER:-9200}" -export DB_HTTP_PORT_NUMBER="$ELASTICSEARCH_HTTP_PORT_NUMBER" - -# Elasticsearch Security configuration -export ELASTICSEARCH_ENABLE_SECURITY="${ELASTICSEARCH_ENABLE_SECURITY:-false}" -export DB_ENABLE_SECURITY="$ELASTICSEARCH_ENABLE_SECURITY" -export ELASTICSEARCH_PASSWORD="${ELASTICSEARCH_PASSWORD:-bitnami}" -export DB_PASSWORD="$ELASTICSEARCH_PASSWORD" -export ELASTICSEARCH_USERNAME="elastic" -export DB_USERNAME="$ELASTICSEARCH_USERNAME" -export ELASTICSEARCH_TLS_VERIFICATION_MODE="${ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}" -export DB_TLS_VERIFICATION_MODE="$ELASTICSEARCH_TLS_VERIFICATION_MODE" -export ELASTICSEARCH_TLS_USE_PEM="${ELASTICSEARCH_TLS_USE_PEM:-false}" -export DB_TLS_USE_PEM="$ELASTICSEARCH_TLS_USE_PEM" -export ELASTICSEARCH_KEYSTORE_PASSWORD="${ELASTICSEARCH_KEYSTORE_PASSWORD:-}" -export DB_KEYSTORE_PASSWORD="$ELASTICSEARCH_KEYSTORE_PASSWORD" -export ELASTICSEARCH_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}" -export DB_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_KEY_PASSWORD="${ELASTICSEARCH_KEY_PASSWORD:-}" -export DB_KEY_PASSWORD="$ELASTICSEARCH_KEY_PASSWORD" -export ELASTICSEARCH_KEYSTORE_LOCATION="${ELASTICSEARCH_KEYSTORE_LOCATION:-${DB_CERTS_DIR}/elasticsearch.keystore.jks}" -export DB_KEYSTORE_LOCATION="$ELASTICSEARCH_KEYSTORE_LOCATION" -export ELASTICSEARCH_TRUSTSTORE_LOCATION="${ELASTICSEARCH_TRUSTSTORE_LOCATION:-${DB_CERTS_DIR}/elasticsearch.truststore.jks}" -export DB_TRUSTSTORE_LOCATION="$ELASTICSEARCH_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_NODE_CERT_LOCATION="${ELASTICSEARCH_NODE_CERT_LOCATION:-${DB_CERTS_DIR}/tls.crt}" -export DB_NODE_CERT_LOCATION="$ELASTICSEARCH_NODE_CERT_LOCATION" -export ELASTICSEARCH_NODE_KEY_LOCATION="${ELASTICSEARCH_NODE_KEY_LOCATION:-${DB_CERTS_DIR}/tls.key}" -export DB_NODE_KEY_LOCATION="$ELASTICSEARCH_NODE_KEY_LOCATION" -export ELASTICSEARCH_CA_CERT_LOCATION="${ELASTICSEARCH_CA_CERT_LOCATION:-${DB_CERTS_DIR}/ca.crt}" -export DB_CA_CERT_LOCATION="$ELASTICSEARCH_CA_CERT_LOCATION" -export ELASTICSEARCH_SKIP_TRANSPORT_TLS="${ELASTICSEARCH_SKIP_TRANSPORT_TLS:-false}" -export DB_SKIP_TRANSPORT_TLS="$ELASTICSEARCH_SKIP_TRANSPORT_TLS" -export ELASTICSEARCH_TRANSPORT_TLS_USE_PEM="${ELASTICSEARCH_TRANSPORT_TLS_USE_PEM:-$DB_TLS_USE_PEM}" -export DB_TRANSPORT_TLS_USE_PEM="$ELASTICSEARCH_TRANSPORT_TLS_USE_PEM" -export ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD:-$DB_KEYSTORE_PASSWORD}" -export DB_TRANSPORT_TLS_KEYSTORE_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD:-$DB_TRUSTSTORE_PASSWORD}" -export DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD="${ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD:-$DB_KEY_PASSWORD}" -export DB_TRANSPORT_TLS_KEY_PASSWORD="$ELASTICSEARCH_TRANSPORT_TLS_KEY_PASSWORD" -export ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION:-$DB_KEYSTORE_LOCATION}" -export DB_TRANSPORT_TLS_KEYSTORE_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_KEYSTORE_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION:-$DB_TRUSTSTORE_LOCATION}" -export DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION:-$DB_NODE_CERT_LOCATION}" -export DB_TRANSPORT_TLS_NODE_CERT_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_NODE_CERT_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION:-$DB_NODE_KEY_LOCATION}" -export DB_TRANSPORT_TLS_NODE_KEY_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_NODE_KEY_LOCATION" -export ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION="${ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION:-$DB_CA_CERT_LOCATION}" -export DB_TRANSPORT_TLS_CA_CERT_LOCATION="$ELASTICSEARCH_TRANSPORT_TLS_CA_CERT_LOCATION" -export ELASTICSEARCH_ENABLE_REST_TLS="${ELASTICSEARCH_ENABLE_REST_TLS:-true}" -export DB_ENABLE_REST_TLS="$ELASTICSEARCH_ENABLE_REST_TLS" -export ELASTICSEARCH_HTTP_TLS_USE_PEM="${ELASTICSEARCH_HTTP_TLS_USE_PEM:-$DB_TLS_USE_PEM}" -export DB_HTTP_TLS_USE_PEM="$ELASTICSEARCH_HTTP_TLS_USE_PEM" -export ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD="${ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD:-$DB_KEYSTORE_PASSWORD}" -export DB_HTTP_TLS_KEYSTORE_PASSWORD="$ELASTICSEARCH_HTTP_TLS_KEYSTORE_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD="${ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD:-$DB_TRUSTSTORE_PASSWORD}" -export DB_HTTP_TLS_TRUSTSTORE_PASSWORD="$ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD="${ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD:-$DB_KEY_PASSWORD}" -export DB_HTTP_TLS_KEY_PASSWORD="$ELASTICSEARCH_HTTP_TLS_KEY_PASSWORD" -export ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION="${ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION:-$DB_KEYSTORE_LOCATION}" -export DB_HTTP_TLS_KEYSTORE_LOCATION="$ELASTICSEARCH_HTTP_TLS_KEYSTORE_LOCATION" -export ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION="${ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION:-$DB_TRUSTSTORE_LOCATION}" -export DB_HTTP_TLS_TRUSTSTORE_LOCATION="$ELASTICSEARCH_HTTP_TLS_TRUSTSTORE_LOCATION" -export ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION="${ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION:-$DB_NODE_CERT_LOCATION}" -export DB_HTTP_TLS_NODE_CERT_LOCATION="$ELASTICSEARCH_HTTP_TLS_NODE_CERT_LOCATION" -export ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION="${ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION:-$DB_NODE_KEY_LOCATION}" -export DB_HTTP_TLS_NODE_KEY_LOCATION="$ELASTICSEARCH_HTTP_TLS_NODE_KEY_LOCATION" -export ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION="${ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION:-$DB_CA_CERT_LOCATION}" -export DB_HTTP_TLS_CA_CERT_LOCATION="$ELASTICSEARCH_HTTP_TLS_CA_CERT_LOCATION" -export ELASTICSEARCH_ENABLE_FIPS_MODE="${ELASTICSEARCH_ENABLE_FIPS_MODE:-false}" -export ELASTICSEARCH_KEYS="${ELASTICSEARCH_KEYS:-}" -export ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME="${ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME:-}" -export DB_ACTION_DESTRUCTIVE_REQUIRES_NAME="$ELASTICSEARCH_ACTION_DESTRUCTIVE_REQUIRES_NAME" - -# Custom environment variables may be defined below diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh deleted file mode 100755 index 0261f5a3c97d..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/entrypoint.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/elasticsearch/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if ! is_dir_empty "$DB_DEFAULT_PLUGINS_DIR"; then - debug "Copying plugins from $DB_DEFAULT_PLUGINS_DIR to $DB_PLUGINS_DIR" - # Copy the plugins installed by default to the plugins directory - # If there is already a plugin with the same name in the plugins folder do nothing - for plugin_path in "${DB_DEFAULT_PLUGINS_DIR}"/*; do - plugin_name="$(basename "$plugin_path")" - plugin_moved_path="${DB_PLUGINS_DIR}/${plugin_name}" - if ! [[ -d "$plugin_moved_path" ]]; then - cp -r "$plugin_path" "$plugin_moved_path" - fi - done -fi - -if [[ "$1" = "/opt/bitnami/scripts/elasticsearch/run.sh" ]]; then - info "** Starting Elasticsearch setup **" - /opt/bitnami/scripts/elasticsearch/setup.sh - info "** Elasticsearch setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh deleted file mode 100755 index e1e213dd0306..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load Elasticsearch environment variables -. /opt/bitnami/scripts/elasticsearch-env.sh - -elasticsearch_healthcheck diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh deleted file mode 100755 index f501810da7e2..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/postunpack.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh -. /opt/bitnami/scripts/libfs.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -for dir in "$DB_TMP_DIR" "$DB_DATA_DIR" "$DB_LOGS_DIR" "${DB_BASE_DIR}/plugins" "${DB_BASE_DIR}/modules" "$DB_CONF_DIR" "$DB_VOLUME_DIR" "$DB_INITSCRIPTS_DIR" "$DB_MOUNTED_PLUGINS_DIR"; do - ensure_dir_exists "$dir" - chmod -R ug+rwX "$dir" -done - -elasticsearch_configure_logging - -for dir in "$DB_TMP_DIR" "$DB_DATA_DIR" "$DB_LOGS_DIR" "${DB_BASE_DIR}/plugins" "${DB_BASE_DIR}/modules" "$DB_CONF_DIR" "$DB_VOLUME_DIR" "$DB_INITSCRIPTS_DIR" "$DB_MOUNTED_PLUGINS_DIR"; do - # `elasticsearch-plugin install` command complains about being unable to create the a plugin's directory - # even when having the proper permissions. - # The reason: the code is checking trying to check the permissions by consulting the parent directory owner, - # instead of checking if the ES user actually has writing permissions. - # - # As a workaround, we will ensure the container works (at least) with the non-root user 1001. However, - # until we can avoid this hack, we can't guarantee this container to work on K8s distributions - # where containers are exectued with non-privileged users with random user IDs. - # - # Issue reported at: https://github.com/bitnami/bitnami-docker-elasticsearch/issues/50 - chown -R 1001:0 "$dir" -done - -elasticsearch_install_plugins - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" - -if ! is_dir_empty "$DB_PLUGINS_DIR"; then - # Move all initially installed plugins to the default plugins directory. In - # order to not dramatically increase the container size we add symlinks in the - # plugins directory (to avoid breaking when the entrypoint is being overridden) - for plugin_path in "${DB_PLUGINS_DIR}"/*; do - plugin_name="$(basename "$plugin_path")" - plugin_moved_path="${DB_DEFAULT_PLUGINS_DIR}/${plugin_name}" - mv "$plugin_path" "$plugin_moved_path" - ln -s "$plugin_moved_path" "$plugin_path" - done -fi diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh deleted file mode 100755 index 531b4cc42f07..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/run.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libelasticsearch.sh -. /opt/bitnami/scripts/libos.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -# Constants -EXEC=$(command -v elasticsearch) -ARGS=("-p" "$DB_PID_FILE") -[[ -z "${DB_EXTRA_FLAGS:-}" ]] || ARGS=("${ARGS[@]}" "${DB_EXTRA_FLAGS[@]}") -# JAVA_HOME to be deprecated, see warning: -# warning: usage of JAVA_HOME is deprecated, use ES_JAVA_HOME -export JAVA_HOME=/opt/bitnami/java -export ES_JAVA_HOME=/opt/bitnami/java - -ARGS+=("$@") - -info "** Starting Elasticsearch **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${ARGS[@]}" -else - exec "$EXEC" "${ARGS[@]}" -fi diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh deleted file mode 100755 index cdea7cf9f84c..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/elasticsearch/setup.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libelasticsearch.sh - -# Load environment -. /opt/bitnami/scripts/elasticsearch-env.sh - -# Ensure Elasticsearch environment variables settings are valid -elasticsearch_validate -# Ensure Elasticsearch is stopped when this script ends -trap "elasticsearch_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" -# Ensure Elasticsearch is initialized -elasticsearch_initialize -# Ensure kernel settings are valid -elasticsearch_validate_kernel -# Install Elasticsearch plugins -elasticsearch_install_plugins -# Ensure custom initialization scripts are executed -elasticsearch_custom_init_scripts -# Ensure all the required keys are added after plugins are installed -elasticsearch_set_keys diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh b/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh deleted file mode 100644 index 4713bb5da79b..000000000000 --- a/bitnami/elasticsearch/8/debian-11/rootfs/opt/bitnami/scripts/libelasticsearch.sh +++ /dev/null @@ -1,929 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Elasticsearch library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Configure TLS settings -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_transport_tls_configuration() { - info "Configuring Elasticsearch Transport TLS settings..." - elasticsearch_conf_set xpack.security.transport.ssl.enabled "true" - elasticsearch_conf_set xpack.security.transport.ssl.verification_mode "$DB_TLS_VERIFICATION_MODE" - - if is_boolean_yes "$DB_TRANSPORT_TLS_USE_PEM"; then - debug "Configuring Transport Layer TLS settings using PEM certificates..." - ! is_empty_value "$DB_TRANSPORT_TLS_KEY_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.secure_key_passphrase" "$DB_TRANSPORT_TLS_KEY_PASSWORD" - elasticsearch_conf_set xpack.security.transport.ssl.key "$DB_TRANSPORT_TLS_NODE_KEY_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.certificate "$DB_TRANSPORT_TLS_NODE_CERT_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.certificate_authorities "$DB_TRANSPORT_TLS_CA_CERT_LOCATION" - else - debug "Configuring Transport Layer TLS settings using JKS/PKCS certificates..." - ! is_empty_value "$DB_TRANSPORT_TLS_KEYSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.keystore.secure_password" "$DB_TRANSPORT_TLS_KEYSTORE_PASSWORD" - ! is_empty_value "$DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.transport.ssl.truststore.secure_password" "$DB_TRANSPORT_TLS_TRUSTSTORE_PASSWORD" - elasticsearch_conf_set xpack.security.transport.ssl.keystore.path "$DB_TRANSPORT_TLS_KEYSTORE_LOCATION" - elasticsearch_conf_set xpack.security.transport.ssl.truststore.path "$DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION" - fi -} - -######################## -# Configure TLS settings -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_http_tls_configuration() { - info "Configuring Elasticsearch HTTP TLS settings..." - elasticsearch_conf_set xpack.security.http.ssl.enabled "true" - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - debug "Configuring REST API TLS settings using PEM certificates..." - ! is_empty_value "$DB_HTTP_TLS_KEY_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.secure_key_passphrase" "$DB_HTTP_TLS_KEY_PASSWORD" - elasticsearch_conf_set xpack.security.http.ssl.key "$DB_HTTP_TLS_NODE_KEY_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.certificate "$DB_HTTP_TLS_NODE_CERT_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.certificate_authorities "$DB_HTTP_TLS_CA_CERT_LOCATION" - else - debug "Configuring REST API TLS settings using JKS/PKCS certificates..." - ! is_empty_value "$DB_HTTP_TLS_KEYSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.keystore.secure_password" "$DB_HTTP_TLS_KEYSTORE_PASSWORD" - ! is_empty_value "$DB_HTTP_TLS_TRUSTSTORE_PASSWORD" && elasticsearch_set_key_value "xpack.security.http.ssl.truststore.secure_password" "$DB_HTTP_TLS_TRUSTSTORE_PASSWORD" - elasticsearch_conf_set xpack.security.http.ssl.keystore.path "$DB_HTTP_TLS_KEYSTORE_LOCATION" - elasticsearch_conf_set xpack.security.http.ssl.truststore.path "$DB_HTTP_TLS_TRUSTSTORE_LOCATION" - fi -} - -######################## -# Migrate old Elasticsearch data -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -migrate_old_data() { - warn "Persisted data follows old structure. Migrating to new one..." - warn "Custom configuration files won't be persisted any longer!" - local old_data_dir="${DB_DATA_DIR}/elasticsearch" - local old_custom_conf_file="${old_data_dir}/conf/elasticsearch_custom.yml" - local custom_conf_file="${DB_CONF_DIR}/elasticsearch_custom.yml" - if [[ -f "$old_custom_conf_file" ]]; then - debug "Adding old custom configuration to user configuration" - echo "" >>"$custom_conf_file" - cat "$old_custom_conf_file" >>"$custom_conf_file" - fi - debug "Adapting data to new file structure" - find "${old_data_dir}/data" -maxdepth 1 -mindepth 1 -exec mv {} "$DB_DATA_DIR" \; - debug "Removing data that is not persisted anymore from persisted directory" - rm -rf "$old_data_dir" "${DB_DATA_DIR}/java" -} - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_KEYS -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_keys() { - read -r -a keys_list <<<"$(tr ',;' ' ' <<<"$ELASTICSEARCH_KEYS")" - if [[ "${#keys_list[@]}" -gt 0 ]]; then - for key_value in "${keys_list[@]}"; do - read -r -a key_value <<<"$(tr '=' ' ' <<<"$key_value")" - local key="${key_value[0]}" - local value="${key_value[1]}" - - elasticsearch_set_key_value "$key" "$value" - done - fi -} - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_key_value() { - local key="${1:?missing key}" - local value="${2:?missing value}" - - debug "Storing key: ${key}" - elasticsearch-keystore add --stdin --force "$key" <<<"$value" - - am_i_root && chown "$DB_DAEMON_USER:$DB_DAEMON_GROUP" "${DB_CONF_DIR}/elasticsearch.keystore" - # Avoid exit code of previous commands to affect the result of this function - true -} - -#!/bin/bash -# -# Bitnami Elasticsearch/Opensearch common library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Write a configuration setting value -# Globals: -# DB_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -elasticsearch_conf_write() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$DB_CONF_FILE" >"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$DB_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$DB_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$DB_CONF_FILE" -} - -######################## -# Set a configuration setting value -# Globals: -# DB_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -elasticsearch_conf_set() { - local key="${1:?missing key}" - shift - local values=("${@}") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "$key" - stderr_print "missing values" - return 1 - elif [[ "${#values[@]}" -eq 1 ]] && [[ -n "${values[0]}" ]]; then - elasticsearch_conf_write "$key" "${values[0]}" - else - for i in "${!values[@]}"; do - if [[ -n "${values[$i]}" ]]; then - elasticsearch_conf_write "${key}[$i]" "${values[$i]}" - fi - done - fi -} - -######################## -# Check if Elasticsearch is running -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_elasticsearch_running() { - local pid - pid="$(get_pid_from_file "$DB_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Check if Elasticsearch is not running -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_elasticsearch_not_running() { - ! is_elasticsearch_running - return "$?" -} - -######################## -# Stop Elasticsearch -# Globals: -# DB_TMP_DIR -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_stop() { - ! is_elasticsearch_running && return - debug "Stopping ${DB_FLAVOR^}..." - stop_service_using_pid "$DB_PID_FILE" -} - -######################## -# Start Elasticsearch and wait until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_start() { - is_elasticsearch_running && return - - debug "Starting ${DB_FLAVOR^}..." - local command=("${DB_BASE_DIR}/bin/${DB_FLAVOR}" "-d" "-p" "$DB_PID_FILE") - am_i_root && command=("run_as_user" "$DB_DAEMON_USER" "${command[@]}") - if [[ "$BITNAMI_DEBUG" = true ]]; then - "${command[@]}" & - else - "${command[@]}" >/dev/null 2>&1 & - fi - - local retries=50 - local seconds=2 - # Check the process is running - retry_while "is_elasticsearch_running" "$retries" "$seconds" - # Check Elasticsearch API is reachable - retry_while "elasticsearch_healthcheck" "$retries" "$seconds" -} - -######################## -# Validate kernel settings -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_validate_kernel() { - # Auxiliary functions - validate_sysctl_key() { - local key="${1:?key is missing}" - local value="${2:?value is missing}" - local current_value - current_value="$(sysctl -n "$key")" - if [[ "$current_value" -lt "$value" ]]; then - error "Invalid kernel settings. ${DB_FLAVOR^} requires at least: $key = $value" - exit 1 - fi - } - - debug "Validating Kernel settings..." - if [[ $(yq eval .index.store.type "$DB_CONF_FILE") ]]; then - debug "Custom index.store.type found in the config file. Skipping kernel validation..." - else - validate_sysctl_key "fs.file-max" 65536 - fi - if [[ $(yq eval .node.store.allow_mmap "$DB_CONF_FILE") ]]; then - debug "Custom node.store.allow_mmap found in the config file. Skipping kernel validation..." - else - validate_sysctl_key "vm.max_map_count" 262144 - fi -} - -######################## -# Validate settings in DB_* env vars -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_validate() { - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - validate_node_roles() { - if [ -n "$DB_NODE_ROLES" ]; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - local master_role="master" - [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]] && master_role="cluster_manager" - if [[ "${#roles_list[@]}" -le 0 ]]; then - warn "Setting ${DB_FLAVOR^^}_NODE_ROLES is empty and ${DB_FLAVOR^^}_IS_DEDICATED_NODE is set to true, ${DB_FLAVOR^} will be configured as coordinating-only node." - fi - for role in "${roles_list[@]}"; do - case "$role" in - "$master_role" | data | data_content | data_hot | data_warm | data_cold | data_frozen | ingest | ml | remote_cluster_client | transform) ;; - - *) - print_validation_error "Invalid node role '$role'. Supported roles are '${master_role},data,data_content,data_hot,data_warm,data_cold,data_frozen,ingest,ml,remote_cluster_client,transform'" - ;; - esac - done - fi - } - - debug "Ensuring expected directories/files exist..." - am_i_root && ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_PLUGINS_DIR" "$DB_BASE_DIR/modules" "$DB_CONF_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$DB_DAEMON_USER:$DB_DAEMON_GROUP" "$dir" - done - - debug "Validating settings in DB_* env vars..." - for var in "DB_HTTP_PORT_NUMBER" "DB_TRANSPORT_PORT_NUMBER"; do - if ! err=$(validate_port "${!var}"); then - print_validation_error "An invalid port was specified in the environment variable $var: $err" - fi - done - - if ! is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - warn "Setting ${DB_FLAVOR^^}_IS_DEDICATED_NODE is disabled." - warn "${DB_FLAVOR^^}_NODE_ROLES will be ignored and ${DB_FLAVOR^} will asume all different roles." - else - validate_node_roles - fi - - if [[ -n "$DB_BIND_ADDRESS" ]] && ! validate_ipv4 "$DB_BIND_ADDRESS"; then - print_validation_error "The Bind Address specified in the environment variable ${DB_FLAVOR^^}_BIND_ADDRESS is not a valid IPv4" - fi - - if is_boolean_yes "$DB_ENABLE_SECURITY"; then - if [[ "$DB_FLAVOR" = "opensearch" ]]; then - if [[ ! -f "$OPENSEARCH_SECURITY_ADMIN_KEY_LOCATION" ]] || [[ ! -f "$OPENSEARCH_SECURITY_ADMIN_CERT_LOCATION" ]]; then - print_validation_error "In order to enable Opensearch Security, you must provide a valid admin PEM key and certificate." - fi - if is_empty_value "$OPENSEARCH_SECURITY_NODES_DN"; then - print_validation_error "The variable OPENSEARCH_SECURITY_NODES_DN is required." - fi - if is_empty_value "$OPENSEARCH_SECURITY_ADMIN_DN"; then - print_validation_error "The variable OPENSEARCH_SECURITY_ADMIN_DN is required." - fi - if ! is_boolean_yes "$OPENSEARCH_ENABLE_REST_TLS"; then - print_validation_error "Opensearch does not support plaintext conections (HTTP) when Security is enabled." - fi - fi - if ! is_boolean_yes "$DB_SKIP_TRANSPORT_TLS"; then - if is_boolean_yes "$DB_TRANSPORT_TLS_USE_PEM"; then - if [[ ! -f "$DB_TRANSPORT_TLS_NODE_CERT_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_NODE_KEY_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} Transport you must provide your node key, certificate and a valid certification_authority certificate." - fi - elif [[ ! -f "$DB_TRANSPORT_TLS_KEYSTORE_LOCATION" ]] || [[ ! -f "$DB_TRANSPORT_TLS_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} Transport with JKS/PKCS12 certs you must mount a valid keystore and truststore." - fi - fi - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - if is_boolean_yes "$DB_HTTP_TLS_USE_PEM"; then - if [[ ! -f "$DB_HTTP_TLS_NODE_CERT_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_NODE_KEY_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} you must provide your node key, certificate and a valid certification_authority certificate." - fi - elif [[ ! -f "$DB_HTTP_TLS_KEYSTORE_LOCATION" ]] || [[ ! -f "$DB_HTTP_TLS_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${DB_FLAVOR^} with JKS/PKCS12 certs you must mount a valid keystore and truststore." - fi - fi - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Determine the hostname by which Elasticsearch can be contacted -# Returns: -# The value of $DB_ADVERTISED_HOSTNAME or the current host address -######################## -get_elasticsearch_hostname() { - if [[ -n "$DB_ADVERTISED_HOSTNAME" ]]; then - echo "$DB_ADVERTISED_HOSTNAME" - else - get_machine_ip - fi -} - -######################## -# Evaluates the env variable DB_NODE_ROLES and replaces master with -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array of node roles -######################### -get_elasticsearch_roles() { - read -r -a roles_list_tmp <<<"$(tr ',;' ' ' <<<"$DB_NODE_ROLES")" - roles_list=("${roles_list_tmp[@]}") - for i in "${!roles_list[@]}"; do - if [[ ${roles_list[$i]} == "master" ]] && [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]]; then - roles_list[i]="cluster_manager" - fi - done - echo "${roles_list[@]}" -} - -######################## -# Configure cluster settings -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_cluster_configuration() { - # Auxiliary functions - bind_address() { - if [[ -n "$DB_BIND_ADDRESS" ]]; then - echo "$DB_BIND_ADDRESS" - else - echo "0.0.0.0" - fi - } - - is_node_master() { - if is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - if [ -n "$DB_NODE_ROLES" ]; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - if [[ " ${roles_list[*]} " = *" master "* ]]; then - true - elif [[ "$DB_FLAVOR" = "opensearch" && " ${roles_list[*]} " = *" cluster_manager "* ]]; then - true - else - false - fi - else - false - fi - else - true - fi - } - - info "Configuring ${DB_FLAVOR^} cluster settings..." - elasticsearch_conf_set network.host "$(get_elasticsearch_hostname)" - elasticsearch_conf_set network.publish_host "$(get_elasticsearch_hostname)" - elasticsearch_conf_set network.bind_host "$(bind_address)" - elasticsearch_conf_set cluster.name "$DB_CLUSTER_NAME" - elasticsearch_conf_set node.name "${DB_NODE_NAME:-$(hostname)}" - - if [[ -n "$DB_CLUSTER_HOSTS" ]]; then - read -r -a host_list <<<"$(tr ',;' ' ' <<<"$DB_CLUSTER_HOSTS")" - master_list=("${host_list[@]}") - if [[ -n "$DB_CLUSTER_MASTER_HOSTS" ]]; then - read -r -a master_list <<<"$(tr ',;' ' ' <<<"$DB_CLUSTER_MASTER_HOSTS")" - fi - elasticsearch_conf_set discovery.seed_hosts "${host_list[@]}" - if is_node_master; then - if [[ "$DB_FLAVOR" = "opensearch" && "$APP_VERSION" =~ ^2\. ]]; then - elasticsearch_conf_set cluster.initial_cluster_manager_nodes "${master_list[@]}" - else - elasticsearch_conf_set cluster.initial_master_nodes "${master_list[@]}" - fi - fi - elasticsearch_conf_set discovery.initial_state_timeout "10m" - else - elasticsearch_conf_set "discovery.type" "single-node" - fi -} - -######################## -# Extend cluster settings with custom, user-provided config -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_custom_configuration() { - local custom_conf_file="${DB_CONF_DIR}/my_${DB_FLAVOR}.yml" - local -r tempfile=$(mktemp) - [[ ! -s "$custom_conf_file" ]] && return - info "Adding custom configuration" - yq eval-all 'select(fileIndex == 0) * select(fileIndex == 1)' "$DB_CONF_FILE" "$custom_conf_file" >"$tempfile" - cp "$tempfile" "$DB_CONF_FILE" -} - -######################## -# Configure node roles. -# There are 3 scenarios: -# * If DB_IS_DEDICATED_NODE is disabled, 'node.roles' is omitted and assumes all the roles (check docs). -# * Otherwise, 'node.roles' with a list of roles provided with DB_NODE_ROLES. -# * In addition, if DB_NODE_ROLES is empty, node.roles will be configured empty, meaning that the role is 'coordinating-only'. -# -# Docs ref: https://www.elastic.co/guide/en/opensearch/reference/current/modules-node.html -# -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_configure_node_roles() { - debug "Configure ${DB_FLAVOR^} Node roles..." - - local set_repo_path="no" - if is_boolean_yes "$DB_IS_DEDICATED_NODE"; then - read -r -a roles_list <<<"$(get_elasticsearch_roles)" - if [[ "${#roles_list[@]}" -eq 0 ]]; then - elasticsearch_conf_write node.roles "[]" int - else - elasticsearch_conf_set node.roles "${roles_list[@]}" - for role in "${roles_list[@]}"; do - case "$role" in - cluster_manager | master | data | data_content | data_hot | data_warm | data_cold | data_frozen) - set_repo_path="yes" - ;; - *) ;; - esac - done - fi - else - set_repo_path="yes" - fi - - if is_boolean_yes "$set_repo_path" && [[ -n "$DB_FS_SNAPSHOT_REPO_PATH" ]]; then - # Configure path.repo to restore snapshots from system repository - # It must be set on every cluster_manager an data node - # ref: https://www.elastic.co/guide/en/opensearch/reference/current/snapshots-register-repository.html#snapshots-filesystem-repository - elasticsearch_conf_set path.repo "$DB_FS_SNAPSHOT_REPO_PATH" - fi -} - -######################## -# Configure Heap Size -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_set_heap_size() { - local heap_size - - # Remove heap.options if it already exists - rm -f "${DB_CONF_DIR}/jvm.options.d/heap.options" - - if [[ -n "$DB_HEAP_SIZE" ]]; then - debug "Using specified values for Xmx and Xms heap options..." - heap_size="$DB_HEAP_SIZE" - else - debug "Calculating appropriate Xmx and Xms values..." - local machine_mem="" - machine_mem="$(get_total_memory)" - if [[ "$machine_mem" -lt 65536 ]]; then - local max_allowed_memory - local calculated_heap_size - calculated_heap_size="$((machine_mem / 2))" - max_allowed_memory="$((DB_MAX_ALLOWED_MEMORY_PERCENTAGE * machine_mem))" - max_allowed_memory="$((max_allowed_memory / 100))" - # Allow for absolute memory limit when calculating limit from percentage - if [[ -n "$DB_MAX_ALLOWED_MEMORY" && "$max_allowed_memory" -gt "$DB_MAX_ALLOWED_MEMORY" ]]; then - max_allowed_memory="$DB_MAX_ALLOWED_MEMORY" - fi - if [[ "$calculated_heap_size" -gt "$max_allowed_memory" ]]; then - info "Calculated Java heap size of ${calculated_heap_size} will be limited to ${max_allowed_memory}" - calculated_heap_size="$max_allowed_memory" - fi - heap_size="${calculated_heap_size}m" - - else - heap_size=32768m - fi - fi - debug "Setting '-Xmx${heap_size} -Xms${heap_size}' heap options..." - cat >"${DB_CONF_DIR}/jvm.options.d/heap.options" < plugin - # get_plugin_name file://plugin.zip -> plugin - # get_plugin_name http://plugin-0.1.2.zip -> plugin - get_plugin_name() { - local plugin="${1:?missing plugin}" - # Remove any paths, and strip both the .zip extension and the version - basename "$plugin" | sed -E -e 's/.zip$//' -e 's/-[0-9]+\.[0-9]+(\.[0-9]+){0,}$//' - } - - # Collect plugins that should be installed offline - read -r -a mounted_plugins <<<"$(find "$DB_MOUNTED_PLUGINS_DIR" -type f -name "*.zip" -print0 | xargs -0)" - if [[ "${#mounted_plugins[@]}" -gt 0 ]]; then - for plugin in "${mounted_plugins[@]}"; do - plugins_list+=("file://${plugin}") - done - fi - - # Skip if there isn't any plugin to install - [[ -z "${plugins_list[*]:-}" ]] && return - - # Install plugins - debug "Installing plugins: ${plugins_list[*]}" - for plugin in "${plugins_list[@]}"; do - plugin_name="$(get_plugin_name "$plugin")" - [[ -n "$mandatory_plugins" ]] && mandatory_plugins="${mandatory_plugins},${plugin_name}" || mandatory_plugins="$plugin_name" - - # Check if the plugin was already installed - if [[ -d "${DB_PLUGINS_DIR}/${plugin_name}" ]]; then - debug "Plugin already installed: ${plugin}" - continue - fi - - debug "Installing plugin: ${plugin}" - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - "$cmd" install -b -v "$plugin" - else - "$cmd" install -b -v "$plugin" >/dev/null 2>&1 - fi - done - - # Mark plugins as mandatory - elasticsearch_conf_set plugin.mandatory "$mandatory_plugins" -} - -######################## -# Run custom initialization scripts -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_custom_init_scripts() { - read -r -a init_scripts <<<"$(find "$DB_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$DB_VOLUME_DIR"/.user_scripts_initialized ]]; then - info "Loading user's custom files from $DB_INITSCRIPTS_DIR" - for f in "${init_scripts[@]}"; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$DB_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Modify log4j2.properties to send events to stdout instead of a logfile -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -elasticsearch_configure_logging() { - # Back up the original file for users who'd like to use logfile logging - cp "${DB_CONF_DIR}/log4j2.properties" "${DB_CONF_DIR}/log4j2.file.properties" - - # Replace RollingFile with Console - replace_in_file "${DB_CONF_DIR}/log4j2.properties" "RollingFile" "Console" - - local -a delete_patterns=( - # Remove RollingFile specific settings - "^.*\.policies\..*$" "^.*\.filePattern.*$" "^.*\.fileName.*$" "^.*\.strategy\..*$" - # Remove headers - "^###.*$" - # Remove .log and .json because of multiline configurations (filename) - "^\s\s.*\.log" "^\s\s.*\.json" - # Remove default rolling logger and references - "^appender\.rolling" "appenderRef\.rolling" - # Remove _old loggers - "_old\." - # Remove .filePermissions config - "\.filePermissions" - ) - for pattern in "${delete_patterns[@]}"; do - remove_in_file "${DB_CONF_DIR}/log4j2.properties" "$pattern" - done -} - -######################## -# Check Elasticsearch/Opensearch health -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# 0 when healthy (or waiting for Opensearch security bootstrap) -# 1 when unhealthy -######################### -elasticsearch_healthcheck() { - info "Checking ${DB_FLAVOR^} health..." - local -r cmd="curl" - local command_args=("--silent" "--write-out" "%{http_code}") - local protocol="http" - local host - - host=$(get_elasticsearch_hostname) - - if is_boolean_yes "$DB_ENABLE_SECURITY"; then - command_args+=("-k" "--user" "${DB_USERNAME}:${DB_PASSWORD}") - is_boolean_yes "$DB_ENABLE_REST_TLS" && protocol="https" - fi - - # Combination of --silent, --output and --write-out allows us to obtain both the status code and the request body - output=$(mktemp) - command_args+=("-o" "$output" "${protocol}://${host}:${DB_HTTP_PORT_NUMBER}/_cluster/health?local=true") - HTTP_CODE=$("$cmd" "${command_args[@]}") - if [[ ${HTTP_CODE} -ge 200 && ${HTTP_CODE} -le 299 ]] || ([[ "$DB_FLAVOR" = "opensearch" ]] && [[ ${HTTP_CODE} -eq 503 ]] && grep -q "OpenSearch Security not initialized" "$output" ); then - rm "$output" - return 0 - else - rm "$output" - return 1 - fi -} diff --git a/bitnami/elasticsearch/8/debian-11/tags-info.yaml b/bitnami/elasticsearch/8/debian-11/tags-info.yaml deleted file mode 100644 index 9be5f685ddf2..000000000000 --- a/bitnami/elasticsearch/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.12.1 -- latest diff --git a/bitnami/envoy/1.25/debian-11/Dockerfile b/bitnami/envoy/1.25/debian-11/Dockerfile deleted file mode 100644 index 804f651fa5ee..000000000000 --- a/bitnami/envoy/1.25/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T00:47:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.25.11-debian-11-r27" \ - org.opencontainers.image.title="envoy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.25.11" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "envoy-1.25.11-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.25.11" \ - BITNAMI_APP_NAME="envoy" \ - PATH="/opt/bitnami/envoy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/envoy/bin/envoy" ] -CMD [ "-c", "/opt/bitnami/envoy/conf/envoy.yaml" ] diff --git a/bitnami/envoy/1.25/debian-11/docker-compose.yml b/bitnami/envoy/1.25/debian-11/docker-compose.yml deleted file mode 100644 index 10bb97516dbc..000000000000 --- a/bitnami/envoy/1.25/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - envoy: - image: docker.io/bitnami/envoy:1.25 diff --git a/bitnami/envoy/1.25/debian-11/examples/frontend.yaml b/bitnami/envoy/1.25/debian-11/examples/frontend.yaml deleted file mode 100644 index 0803f3c36362..000000000000 --- a/bitnami/envoy/1.25/debian-11/examples/frontend.yaml +++ /dev/null @@ -1,58 +0,0 @@ -admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 127.0.0.1, port_value: 8081 } - -static_resources: - listeners: - - name: listener_0 - address: - socket_address: { address: 0.0.0.0, port_value: 8080 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/nginx" } - route: { cluster: service1, prefix_rewrite: "/" } - - match: { prefix: "/apache" } - route: { cluster: service2, prefix_rewrite: "/" } - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - clusters: - - name: service1 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service1 - port_value: 8080 - - name: service2 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service2 - port_value: 8080 diff --git a/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b34ef7729e77..000000000000 --- a/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "envoy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.11-4" - } -} \ No newline at end of file diff --git a/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/envoy/1.25/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/envoy/1.25/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/envoy/1.25/debian-11/tags-info.yaml b/bitnami/envoy/1.25/debian-11/tags-info.yaml deleted file mode 100644 index adb69bc61dd4..000000000000 --- a/bitnami/envoy/1.25/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.25" -- 1.25-debian-11 -- 1.25.11 diff --git a/bitnami/envoy/1.26/debian-11/Dockerfile b/bitnami/envoy/1.26/debian-11/Dockerfile deleted file mode 100644 index 9170127fb17d..000000000000 --- a/bitnami/envoy/1.26/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:02:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.26.7-debian-11-r19" \ - org.opencontainers.image.title="envoy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.26.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "envoy-1.26.7-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.26.7" \ - BITNAMI_APP_NAME="envoy" \ - PATH="/opt/bitnami/envoy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/envoy/bin/envoy" ] -CMD [ "-c", "/opt/bitnami/envoy/conf/envoy.yaml" ] diff --git a/bitnami/envoy/1.26/debian-11/docker-compose.yml b/bitnami/envoy/1.26/debian-11/docker-compose.yml deleted file mode 100644 index 6628e9d4789f..000000000000 --- a/bitnami/envoy/1.26/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - envoy: - image: docker.io/bitnami/envoy:1.26 diff --git a/bitnami/envoy/1.26/debian-11/examples/frontend.yaml b/bitnami/envoy/1.26/debian-11/examples/frontend.yaml deleted file mode 100644 index 0803f3c36362..000000000000 --- a/bitnami/envoy/1.26/debian-11/examples/frontend.yaml +++ /dev/null @@ -1,58 +0,0 @@ -admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 127.0.0.1, port_value: 8081 } - -static_resources: - listeners: - - name: listener_0 - address: - socket_address: { address: 0.0.0.0, port_value: 8080 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/nginx" } - route: { cluster: service1, prefix_rewrite: "/" } - - match: { prefix: "/apache" } - route: { cluster: service2, prefix_rewrite: "/" } - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - clusters: - - name: service1 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service1 - port_value: 8080 - - name: service2 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service2 - port_value: 8080 diff --git a/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ff6665ee68f1..000000000000 --- a/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "envoy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.26.7-1" - } -} \ No newline at end of file diff --git a/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/envoy/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/envoy/1.26/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/envoy/1.26/debian-11/tags-info.yaml b/bitnami/envoy/1.26/debian-11/tags-info.yaml deleted file mode 100644 index 43f05c9b9f68..000000000000 --- a/bitnami/envoy/1.26/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.26" -- 1.26-debian-11 -- 1.26.7 diff --git a/bitnami/envoy/1.27/debian-11/Dockerfile b/bitnami/envoy/1.27/debian-11/Dockerfile deleted file mode 100644 index 426da74fd4ef..000000000000 --- a/bitnami/envoy/1.27/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:09:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.27.3-debian-11-r18" \ - org.opencontainers.image.title="envoy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.27.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "envoy-1.27.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.27.3" \ - BITNAMI_APP_NAME="envoy" \ - PATH="/opt/bitnami/envoy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/envoy/bin/envoy" ] -CMD [ "-c", "/opt/bitnami/envoy/conf/envoy.yaml" ] diff --git a/bitnami/envoy/1.27/debian-11/docker-compose.yml b/bitnami/envoy/1.27/debian-11/docker-compose.yml deleted file mode 100644 index fdc921c380b3..000000000000 --- a/bitnami/envoy/1.27/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - envoy: - image: docker.io/bitnami/envoy:1.27 diff --git a/bitnami/envoy/1.27/debian-11/examples/frontend.yaml b/bitnami/envoy/1.27/debian-11/examples/frontend.yaml deleted file mode 100644 index 0803f3c36362..000000000000 --- a/bitnami/envoy/1.27/debian-11/examples/frontend.yaml +++ /dev/null @@ -1,58 +0,0 @@ -admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 127.0.0.1, port_value: 8081 } - -static_resources: - listeners: - - name: listener_0 - address: - socket_address: { address: 0.0.0.0, port_value: 8080 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/nginx" } - route: { cluster: service1, prefix_rewrite: "/" } - - match: { prefix: "/apache" } - route: { cluster: service2, prefix_rewrite: "/" } - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - clusters: - - name: service1 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service1 - port_value: 8080 - - name: service2 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service2 - port_value: 8080 diff --git a/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b815ddd9752b..000000000000 --- a/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "envoy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.27.3-1" - } -} \ No newline at end of file diff --git a/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/envoy/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/envoy/1.27/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/envoy/1.27/debian-11/tags-info.yaml b/bitnami/envoy/1.27/debian-11/tags-info.yaml deleted file mode 100644 index 99a5e47b1d9a..000000000000 --- a/bitnami/envoy/1.27/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.27" -- 1.27-debian-11 -- 1.27.3 diff --git a/bitnami/envoy/1.28/debian-11/Dockerfile b/bitnami/envoy/1.28/debian-11/Dockerfile deleted file mode 100644 index 9ad6fde294c2..000000000000 --- a/bitnami/envoy/1.28/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:17:06Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.28.1-debian-11-r18" \ - org.opencontainers.image.title="envoy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.28.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "envoy-1.28.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.28.1" \ - BITNAMI_APP_NAME="envoy" \ - PATH="/opt/bitnami/envoy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/envoy/bin/envoy" ] -CMD [ "-c", "/opt/bitnami/envoy/conf/envoy.yaml" ] diff --git a/bitnami/envoy/1.28/debian-11/docker-compose.yml b/bitnami/envoy/1.28/debian-11/docker-compose.yml deleted file mode 100644 index f004dd98038d..000000000000 --- a/bitnami/envoy/1.28/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - envoy: - image: docker.io/bitnami/envoy:1.28 diff --git a/bitnami/envoy/1.28/debian-11/examples/frontend.yaml b/bitnami/envoy/1.28/debian-11/examples/frontend.yaml deleted file mode 100644 index 0803f3c36362..000000000000 --- a/bitnami/envoy/1.28/debian-11/examples/frontend.yaml +++ /dev/null @@ -1,58 +0,0 @@ -admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 127.0.0.1, port_value: 8081 } - -static_resources: - listeners: - - name: listener_0 - address: - socket_address: { address: 0.0.0.0, port_value: 8080 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/nginx" } - route: { cluster: service1, prefix_rewrite: "/" } - - match: { prefix: "/apache" } - route: { cluster: service2, prefix_rewrite: "/" } - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - clusters: - - name: service1 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service1 - port_value: 8080 - - name: service2 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service2 - port_value: 8080 diff --git a/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d9ad5eb070fe..000000000000 --- a/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "envoy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.28.1-1" - } -} \ No newline at end of file diff --git a/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/envoy/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/envoy/1.28/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/envoy/1.28/debian-11/tags-info.yaml b/bitnami/envoy/1.28/debian-11/tags-info.yaml deleted file mode 100644 index 6c634427915d..000000000000 --- a/bitnami/envoy/1.28/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.28" -- 1.28-debian-11 -- 1.28.1 diff --git a/bitnami/envoy/1.29/debian-11/Dockerfile b/bitnami/envoy/1.29/debian-11/Dockerfile deleted file mode 100644 index b485d4c1b9ea..000000000000 --- a/bitnami/envoy/1.29/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:27:34Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.29.1-debian-11-r19" \ - org.opencontainers.image.title="envoy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.29.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "envoy-1.29.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.29.1" \ - BITNAMI_APP_NAME="envoy" \ - PATH="/opt/bitnami/envoy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/envoy/bin/envoy" ] -CMD [ "-c", "/opt/bitnami/envoy/conf/envoy.yaml" ] diff --git a/bitnami/envoy/1.29/debian-11/docker-compose.yml b/bitnami/envoy/1.29/debian-11/docker-compose.yml deleted file mode 100644 index 56053c508f1b..000000000000 --- a/bitnami/envoy/1.29/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - envoy: - image: docker.io/bitnami/envoy:1.29 diff --git a/bitnami/envoy/1.29/debian-11/examples/frontend.yaml b/bitnami/envoy/1.29/debian-11/examples/frontend.yaml deleted file mode 100644 index 0803f3c36362..000000000000 --- a/bitnami/envoy/1.29/debian-11/examples/frontend.yaml +++ /dev/null @@ -1,58 +0,0 @@ -admin: - access_log_path: /tmp/admin_access.log - address: - socket_address: { address: 127.0.0.1, port_value: 8081 } - -static_resources: - listeners: - - name: listener_0 - address: - socket_address: { address: 0.0.0.0, port_value: 8080 } - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/nginx" } - route: { cluster: service1, prefix_rewrite: "/" } - - match: { prefix: "/apache" } - route: { cluster: service2, prefix_rewrite: "/" } - http_filters: - - name: envoy.filters.http.router - typed_config: - "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router - clusters: - - name: service1 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service1 - port_value: 8080 - - name: service2 - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - load_assignment: - cluster_name: some_service - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: service2 - port_value: 8080 diff --git a/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 940040e3c11c..000000000000 --- a/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "envoy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.29.1-1" - } -} \ No newline at end of file diff --git a/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/envoy/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/envoy/1.29/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/envoy/1.29/debian-11/tags-info.yaml b/bitnami/envoy/1.29/debian-11/tags-info.yaml deleted file mode 100644 index 7b95ac11e26c..000000000000 --- a/bitnami/envoy/1.29/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1.29" -- 1.29-debian-11 -- 1.29.1 -- latest diff --git a/bitnami/etcd/3.4/debian-11/Dockerfile b/bitnami/etcd/3.4/debian-11/Dockerfile deleted file mode 100644 index 84c93c4db744..000000000000 --- a/bitnami/etcd/3.4/debian-11/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T08:09:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.4.30-debian-11-r20" \ - org.opencontainers.image.title="etcd" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.4.30" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "etcd-3.4.30-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y ca-certificates curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/etcd/postunpack.sh -ENV APP_VERSION="3.4.30" \ - BITNAMI_APP_NAME="etcd" \ - ETCDCTL_API="3" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/etcd/bin:$PATH" - -EXPOSE 2379 2380 - -WORKDIR /opt/bitnami/etcd -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/etcd/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/etcd/run.sh" ] diff --git a/bitnami/etcd/3.4/debian-11/docker-compose.yml b/bitnami/etcd/3.4/debian-11/docker-compose.yml deleted file mode 100644 index d166c818d7aa..000000000000 --- a/bitnami/etcd/3.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - etcd: - image: docker.io/bitnami/etcd:3.4 - environment: - - ALLOW_NONE_AUTHENTICATION=yes - volumes: - - etcd_data:/bitnami/etcd -volumes: - etcd_data: - driver: local diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c49ea2a11eec..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "etcd": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.4.30-1" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/etcd/3.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh deleted file mode 100644 index 5ab58995c4c1..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for etcd - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-etcd}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -etcd_env_vars=( - ETCD_SNAPSHOTS_DIR - ETCD_SNAPSHOT_HISTORY_LIMIT - ETCD_INIT_SNAPSHOTS_DIR - ALLOW_NONE_AUTHENTICATION - ETCD_ROOT_PASSWORD - ETCD_CLUSTER_DOMAIN - ETCD_START_FROM_SNAPSHOT - ETCD_DISASTER_RECOVERY - ETCD_ON_K8S - ETCD_INIT_SNAPSHOT_FILENAME - ETCDCTL_API - ETCD_DISABLE_STORE_MEMBER_ID - ETCD_DISABLE_PRESTOP - ETCD_NAME - ETCD_LOG_LEVEL - ETCD_LISTEN_CLIENT_URLS - ETCD_ADVERTISE_CLIENT_URLS - ETCD_INITIAL_CLUSTER - ETCD_INITIAL_CLUSTER_STATE - ETCD_LISTEN_PEER_URLS - ETCD_INITIAL_ADVERTISE_PEER_URLS - ETCD_INITIAL_CLUSTER_TOKEN - ETCD_AUTO_TLS - ETCD_CERT_FILE - ETCD_KEY_FILE - ETCD_TRUSTED_CA_FILE - ETCD_CLIENT_CERT_AUTH - ETCD_PEER_AUTO_TLS -) -for env_var in "${etcd_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset etcd_env_vars - -# Paths -export ETCD_BASE_DIR="/opt/bitnami/etcd" -export ETCD_VOLUME_DIR="/bitnami/etcd" -export ETCD_BIN_DIR="${ETCD_BASE_DIR}/bin" -export ETCD_DATA_DIR="${ETCD_VOLUME_DIR}/data" -export ETCD_CONF_DIR="${ETCD_BASE_DIR}/conf" -export ETCD_TMP_DIR="${ETCD_BASE_DIR}/tmp" -export ETCD_CONF_FILE="${ETCD_CONF_DIR}/etcd.yaml" -export ETCD_SNAPSHOTS_DIR="${ETCD_SNAPSHOTS_DIR:-/snapshots}" -export ETCD_SNAPSHOT_HISTORY_LIMIT="${ETCD_SNAPSHOT_HISTORY_LIMIT:-1}" -export ETCD_INIT_SNAPSHOTS_DIR="${ETCD_INIT_SNAPSHOTS_DIR:-/init-snapshot}" -export ETCD_NEW_MEMBERS_ENV_FILE="${ETCD_DATA_DIR}/new_member_envs" -export PATH="${ETCD_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export ETCD_DAEMON_USER="etcd" -export ETCD_DAEMON_GROUP="etcd" - -# etcd settings -export ALLOW_NONE_AUTHENTICATION="${ALLOW_NONE_AUTHENTICATION:-no}" -export ETCD_ROOT_PASSWORD="${ETCD_ROOT_PASSWORD:-}" -export ETCD_CLUSTER_DOMAIN="${ETCD_CLUSTER_DOMAIN:-}" -export ETCD_START_FROM_SNAPSHOT="${ETCD_START_FROM_SNAPSHOT:-no}" -export ETCD_DISASTER_RECOVERY="${ETCD_DISASTER_RECOVERY:-no}" -export ETCD_ON_K8S="${ETCD_ON_K8S:-no}" -export ETCD_INIT_SNAPSHOT_FILENAME="${ETCD_INIT_SNAPSHOT_FILENAME:-}" -export ETCDCTL_API="${ETCDCTL_API:-3}" -export ETCD_DISABLE_STORE_MEMBER_ID="${ETCD_DISABLE_STORE_MEMBER_ID:-no}" -export ETCD_DISABLE_PRESTOP="${ETCD_DISABLE_PRESTOP:-no}" - -# etcd native environment variables (see https://etcd.io/docs/current/op-guide/configuration) -export ETCD_NAME="${ETCD_NAME:-}" -export ETCD_LOG_LEVEL="${ETCD_LOG_LEVEL:-info}" -export ETCD_LISTEN_CLIENT_URLS="${ETCD_LISTEN_CLIENT_URLS:-http://0.0.0.0:2379}" -export ETCD_ADVERTISE_CLIENT_URLS="${ETCD_ADVERTISE_CLIENT_URLS:-http://127.0.0.1:2379}" -export ETCD_INITIAL_CLUSTER="${ETCD_INITIAL_CLUSTER:-}" -export ETCD_INITIAL_CLUSTER_STATE="${ETCD_INITIAL_CLUSTER_STATE:-}" -export ETCD_LISTEN_PEER_URLS="${ETCD_LISTEN_PEER_URLS:-}" -export ETCD_INITIAL_ADVERTISE_PEER_URLS="${ETCD_INITIAL_ADVERTISE_PEER_URLS:-}" -export ETCD_INITIAL_CLUSTER_TOKEN="${ETCD_INITIAL_CLUSTER_TOKEN:-}" -export ETCD_AUTO_TLS="${ETCD_AUTO_TLS:-false}" -export ETCD_CERT_FILE="${ETCD_CERT_FILE:-}" -export ETCD_KEY_FILE="${ETCD_KEY_FILE:-}" -export ETCD_TRUSTED_CA_FILE="${ETCD_TRUSTED_CA_FILE:-}" -export ETCD_CLIENT_CERT_AUTH="${ETCD_CLIENT_CERT_AUTH:-false}" -export ETCD_PEER_AUTO_TLS="${ETCD_PEER_AUTO_TLS:-false}" - -# Custom environment variables may be defined below diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh deleted file mode 100755 index a41110e95496..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/etcd/run.sh" ]]; then - info "** Starting etcd setup **" - /opt/bitnami/scripts/etcd/setup.sh - info "** etcd setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh deleted file mode 100755 index 3c978b7a5c78..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o pipefail -set -o nounset - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -read -r -a advertised_array <<< "$(tr ',;' ' ' <<< "$ETCD_ADVERTISE_CLIENT_URLS")" -host="$(parse_uri "${advertised_array[0]}" "host")" -port="$(parse_uri "${advertised_array[0]}" "port")" -read -r -a extra_flags <<< "$(etcdctl_auth_flags)" -extra_flags+=("--endpoints=${host}:${port}") -if [[ $ETCD_AUTO_TLS = true ]]; then - extra_flags+=("--insecure-skip-tls-verify") -fi -if etcdctl endpoint health "${extra_flags[@]}"; then - exit 0 -else - error "Unhealthy endpoint!" - exit 1 -fi diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh deleted file mode 100755 index 57d97c8c8ac6..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -for dir in "$ETCD_BIN_DIR" "$ETCD_DATA_DIR" "${ETCD_BASE_DIR}/certs"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$ETCD_DATA_DIR" "${ETCD_BASE_DIR}/certs" diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh deleted file mode 100755 index b540eec49053..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 -set -o errexit -set -o pipefail -set -o nounset -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -if is_boolean_yes "$ETCD_DISABLE_PRESTOP"; then - return 0 -fi - -endpoints="$(etcdctl_get_endpoints true)" -if is_empty_value "${endpoints}"; then - exit 0 -fi -read -r -a extra_flags <<<"$(etcdctl_auth_flags)" -extra_flags+=("--endpoints=${endpoints}" "--debug=true") -# We use 'sync' to ensure memory buffers are flushed to disk -# so we reduce the chances that the "member_removal.log" file is empty. -# ref: https://man7.org/linux/man-pages/man1/sync.1.html -etcdctl member remove "$(get_member_id)" "${extra_flags[@]}" >"$(dirname "$ETCD_DATA_DIR")/member_removal.log" -sync -d "$(dirname "$ETCD_DATA_DIR")/member_removal.log" diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh deleted file mode 100755 index e9ce00f19e69..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -is_empty_value "$ETCD_ROOT_PASSWORD" && unset ETCD_ROOT_PASSWORD -if [[ -f "$ETCD_NEW_MEMBERS_ENV_FILE" ]]; then - debug "Loading env vars of existing cluster" - . "$ETCD_NEW_MEMBERS_ENV_FILE" - # We rely on the original value of ETCD_INITIAL_CLUSTER - # when bootstrapping a new cluster since - # we need all initial members to calcualte a same cluster_id -fi - -declare -a cmd=("etcd") -# If provided, run using configuration file -# Using a configuration file will cause etcd to ignore other flags and environment variables -[[ -f "$ETCD_CONF_FILE" ]] && cmd+=("--config-file" "$ETCD_CONF_FILE") -cmd+=("$@") - -info "** Starting etcd **" -if am_i_root; then - exec_as_user "$ETCD_DAEMON_USER" "${cmd[@]}" -else - exec "${cmd[@]}" -fi diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh deleted file mode 100755 index 2e9d28fad543..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -# Ensure etcd environment settings are valid -etcd_validate -# Ensure etcd is stopped when this script ends. -trap "etcd_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$ETCD_DAEMON_USER" --group "$ETCD_DAEMON_GROUP" -# Ensure etcd is initialized -etcd_initialize diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh deleted file mode 100755 index 99c7c8209484..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o pipefail -set -o nounset - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -ensure_dir_exists "$ETCD_SNAPSHOTS_DIR" -endpoints="$(etcdctl_get_endpoints)" -read -r -a endpoints_array <<< "$(tr ',;' ' ' <<< "$endpoints")" -for e in "${endpoints_array[@]}"; do - debug "Using endpoint $e" - read -r -a extra_flags <<< "$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=$e") - if etcdctl endpoint health "${extra_flags[@]}"; then - info "Snapshotting the keyspace" - current_time="$(date -u "+%Y-%m-%d_%H-%M")" - etcdctl snapshot save "${ETCD_SNAPSHOTS_DIR}/db-${current_time}" "${extra_flags[@]}" - find "${ETCD_SNAPSHOTS_DIR}/" -maxdepth 1 -type f -name 'db-*' \! -name "db-${current_time}" \ - | sort -r \ - | tail -n+$((1 + ETCD_SNAPSHOT_HISTORY_LIMIT)) \ - | xargs rm -f - exit 0 - else - warn "etcd endpoint $e not healthy. Trying a different endpoint" - fi -done -error "all etcd endpoints are unhealthy!" -exit 1 diff --git a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh b/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh deleted file mode 100644 index 215b934a70fc..000000000000 --- a/bitnami/etcd/3.4/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh +++ /dev/null @@ -1,818 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami etcd library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Write a configuration setting value -# Globals: -# ETCD_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -etcd_conf_write() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - [[ -z "$value" ]] && return - [[ ! -f "$ETCD_CONF_FILE" ]] && touch "$ETCD_CONF_FILE" - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$ETCD_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$ETCD_CONF_FILE" >"$tempfile" - ;; - raw) - yq eval "(.${key}) |= ${value}" "$ETCD_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$ETCD_CONF_FILE" -} - -######################## -# Creates etcd configuration file from environment variables -# Globals: -# ETCD_CFG_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_setup_from_environment_variables() { - ## Except for Client and Peer TLS configuration, - ## all etcd settings consists of ETCD_FLAG_NAME - ## transformed into flag-name and configured under the yaml config root. - local -a client_tls_values=( - "ETCD_CFG_CERT_FILE" - "ETCD_CFG_KEY_FILE" - "ETCD_CFG_CLIENT_CERT_AUTH" - "ETCD_CFG_TRUSTED_CA_FILE" - "ETCD_CFG_AUTO_TLS" - "ETCD_CFG_CA_FILE" - ) - info "Generating etcd config file using env variables" - # Map environment variables to config properties for cassandra-env.sh - for var in "${!ETCD_CFG_@}"; do - value="${!var:-}" - if [[ -n "$value" ]]; then - type="string" - # Detect if value is digit or bool - if [[ "$value" =~ ^[+-]?[0-9]+([.][0-9]+)?$ || "$value" =~ ^(true|false)$ ]]; then - type="raw" - fi - if [[ ${client_tls_values[*]} =~ ${var} ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "client-transport-security.${key}" "$value" "$type" - elif [[ "$var" =~ "ETCD_CFG_CLIENT_" ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_CLIENT_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "client-transport-security.${key}" "$value" "$type" - elif [[ "$var" =~ "ETCD_CFG_PEER_" ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_PEER_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "peer-transport-security.${key}" "$value" "$type" - else - # shellcheck disable=SC2001 - key="$(echo "$var" | sed -e 's/^ETCD_CFG_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "$key" "$value" "$type" - fi - fi - done - if am_i_root; then - chown "$ETCD_DAEMON_USER" "$ETCD_CONF_FILE" - fi -} - -######################## -# Validate settings in ETCD_* environment variables -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_validate() { - info "Validating settings in ETCD_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if is_boolean_yes "$ALLOW_NONE_AUTHENTICATION"; then - warn "You set the environment variable ALLOW_NONE_AUTHENTICATION=${ALLOW_NONE_AUTHENTICATION}. For safety reasons, do not use this flag in a production environment." - else - is_empty_value "$ETCD_ROOT_PASSWORD" && print_validation_error "The ETCD_ROOT_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_NONE_AUTHENTICATION=yes to allow a blank password. This is only recommended for development environments." - fi - if is_boolean_yes "$ETCD_START_FROM_SNAPSHOT" && [[ ! -f "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" ]]; then - print_validation_error "You are trying to initialize etcd from a snapshot, but no snapshot was found. Set the environment variable ETCD_INIT_SNAPSHOT_FILENAME with the snapshot filename and mount it at '${ETCD_INIT_SNAPSHOTS_DIR}' directory." - fi - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Check if etcd is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_etcd_running() { - local pid - pid="$(pgrep -f "^etcd" || true)" - - # etcd does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - if [[ -n "${ETCD_PID_FILE:-}" ]]; then - echo "$pid" >"$ETCD_PID_FILE" - fi - - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if etcd is running -# Globals: -# ETCD_PID_FILE -# Arguments: -# None -# Returns: -# Whether etcd is not running -######################## -is_etcd_not_running() { - ! is_etcd_running -} - -######################## -# Stop etcd -# Arguments: -# None -# Returns: -# None -######################### -etcd_stop() { - local pid - ! is_etcd_running && return - - info "Stopping etcd" - # Ensure process matches etcd binary with or without options - pid="$(pgrep -f "^etcd")" - local counter=10 - kill "$pid" - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start etcd in background -# Arguments: -# None -# Returns: -# None -######################### -etcd_start_bg() { - is_etcd_running && return - - info "Starting etcd in background" - local start_command=("etcd") - am_i_root && start_command=("run_as_user" "$ETCD_DAEMON_USER" "${start_command[@]}") - [[ -f "$ETCD_CONF_FILE" ]] && start_command+=("--config-file" "$ETCD_CONF_FILE") - debug_execute "${start_command[@]}" & - sleep 3 -} - -######################## -# Obtain endpoints to connect when running 'ectdctl' -# Globals: -# ETCD_* -# Arguments: -# $1 - exclude current member from the list (default: false) -# Returns: -# String -######################## -etcdctl_get_endpoints() { - local only_others=${1:-false} - local -a endpoints=() - local host domain port - - ip_has_valid_hostname() { - local ip="${1:?ip is required}" - local parent_domain="${1:?parent_domain is required}" - - # 'getent hosts $ip' can return hostnames in 2 different formats: - # POD_NAME.HEADLESS_SVC_DOMAIN.NAMESPACE.svc.cluster.local (using headless service domain) - # 10-237-136-79.SVC_DOMAIN.NAMESPACE.svc.cluster.local (using POD's IP and service domain) - # We need to discard the latter to avoid issues when TLS verification is enabled. - [[ "$(getent hosts "$ip")" = *"$parent_domain"* ]] && return 0 - return 1 - } - - hostname_has_ips() { - local hostname="${1:?hostname is required}" - [[ "$(getent ahosts "$hostname")" != "" ]] && return 0 - return 1 - } - - # This piece of code assumes this code is executed on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_ADVERTISE_CLIENT_URLS env. variable is created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:CLIENT_PORT,SCHEME://SVC_DOMAIN:SVC_CLIENT_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN and obtain - # every available endpoint - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - host="$(parse_uri "${advertised_array[0]}" "host")" - port="$(parse_uri "${advertised_array[0]}" "port")" - domain="${host#"${ETCD_NAME}."}" - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_ADVERTISE_CLIENT_URLS - ! is_empty_value "$ETCD_CLUSTER_DOMAIN" && domain="$ETCD_CLUSTER_DOMAIN" - # Depending on the K8s distro & the DNS plugin, it might need - # a few seconds to associate the POD(s) IP(s) to the headless svc domain - if retry_while "hostname_has_ips $domain"; then - local -r ahosts="$(getent ahosts "$domain" | awk '{print $1}' | uniq | wc -l)" - for i in $(seq 0 $((ahosts - 1))); do - # We use the StatefulSet name stored in MY_STS_NAME to get the peer names based on the number of IPs registered in the headless service - pod_name="${MY_STS_NAME}-${i}" - if ! { [[ $only_others = true ]] && [[ "$pod_name" = "$MY_POD_NAME" ]]; }; then - endpoints+=("${pod_name}.${ETCD_CLUSTER_DOMAIN}:${port:-2380}") - fi - done - fi - echo "${endpoints[*]}" | tr ' ' ',' -} - -######################## -# Obtain etcdctl authentication flags to use -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Array with extra flags to use for authentication -######################### -etcdctl_auth_flags() { - local -a authFlags=() - - ! is_empty_value "$ETCD_ROOT_PASSWORD" && authFlags+=("--user" "root:$ETCD_ROOT_PASSWORD") - if [[ $ETCD_AUTO_TLS = true ]]; then - authFlags+=("--cert" "${ETCD_DATA_DIR}/fixtures/client/cert.pem" "--key" "${ETCD_DATA_DIR}/fixtures/client/key.pem") - else - [[ -f "$ETCD_CERT_FILE" ]] && [[ -f "$ETCD_KEY_FILE" ]] && authFlags+=("--cert" "$ETCD_CERT_FILE" "--key" "$ETCD_KEY_FILE") - [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") - fi - echo "${authFlags[@]}" -} - -######################## -# Stores etcd member ID in the data directory -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -etcd_store_member_id() { - if is_boolean_yes "$ETCD_DISABLE_STORE_MEMBER_ID"; then - return 0 - fi - local -a extra_flags - local member_id="" - info "Obtaining cluster member ID" - etcd_start_bg - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - if retry_while "etcdctl ${extra_flags[*]:-} member list" >/dev/null 2>&1; then - while is_empty_value "$member_id"; do - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - member_id="$(etcdctl "${extra_flags[@]}" member list | grep -w "${advertised_array[0]}" | awk -F "," '{ print $1}' || true)" - done - # We use 'sync' to ensure memory buffers are flushed to disk - # so we reduce the chances that the "member_id" file is empty. - # ref: https://man7.org/linux/man-pages/man1/sync.1.html - echo "$member_id" >"${ETCD_DATA_DIR}/member_id" - sync -d "${ETCD_DATA_DIR}/member_id" - info "Stored member ID: $(cat "${ETCD_DATA_DIR}/member_id")" - fi - etcd_stop -} - -######################## -# Configure etcd RBAC (do not confuse with K8s RBAC) -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -etcd_configure_rbac() { - - ! is_etcd_running && etcd_start_bg - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - if retry_while "etcdctl ${extra_flags[*]} member list" >/dev/null 2>&1; then - if retry_while "etcdctl ${extra_flags[*]} auth status" >/dev/null 2>&1; then - if etcdctl "${extra_flags[@]}" auth status | grep -q "Authentication Status: true"; then - info "Authentication already enabled" - else - info "Enabling etcd authentication" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags=("--endpoints=$(etcdctl_get_endpoints)") - etcdctl "${extra_flags[@]}" user add root --interactive=false <<<"$ETCD_ROOT_PASSWORD" - etcdctl "${extra_flags[@]}" user grant-role root root - etcdctl "${extra_flags[@]}" auth enable - fi - fi - fi - etcd_stop -} - -######################## -# Checks if the member was successfully removed from the cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -was_etcd_member_removed() { - local return_value=0 - - if grep -sqE "^Member[[:space:]]+[a-z0-9]+\s+removed\s+from\s+cluster\s+[a-z0-9]+$" "${ETCD_VOLUME_DIR}/member_removal.log"; then - debug "Removal was properly recorded in member_removal.log" - rm -rf "${ETCD_DATA_DIR:?}/"* - elif [[ ! -d "${ETCD_DATA_DIR}/member/snap" ]] && is_empty_value "$(get_member_id)"; then - debug "Missing member data" - rm -rf "${ETCD_DATA_DIR:?}/"* - else - return_value=1 - fi - rm -f "${ETCD_VOLUME_DIR}/member_removal.log" - return $return_value -} - -######################## -# Checks if etcd needs to bootstrap a new cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Boolean -######################## -is_new_etcd_cluster() { - [[ "$ETCD_INITIAL_CLUSTER_STATE" = "new" ]] && [[ "$ETCD_INITIAL_CLUSTER" = *"$ETCD_INITIAL_ADVERTISE_PEER_URLS"* ]] -} - -######################## -# Setup ETCD_ACTIVE_ENDPOINTS environment variable, will return the number of active endpoints , cluster size (including not active member) and the ETCD_ACTIVE_ENDPOINTS (which is also export) -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# List of Numbers (active_endpoints, cluster_size, ETCD_ACTIVE_ENDPOINTS) -######################## -setup_etcd_active_endpoints() { - local active_endpoints=0 - local -a extra_flags active_endpoints_array - local -a endpoints_array=() - local host port - - is_boolean_yes "$ETCD_ON_K8S" && read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$(etcdctl_get_endpoints)")" - local -r cluster_size=${#endpoints_array[@]} - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - host="$(parse_uri "${advertised_array[0]}" "host")" - port="$(parse_uri "${advertised_array[0]}" "port")" - if [[ $cluster_size -gt 0 ]]; then - for e in "${endpoints_array[@]}"; do - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=$e") - if [[ "$e" != "$host:$port" ]] && etcdctl endpoint health "${extra_flags[@]}" >/dev/null 2>&1; then - debug "$e endpoint is active" - ((active_endpoints++)) - active_endpoints_array+=("$e") - fi - done - ETCD_ACTIVE_ENDPOINTS=$(echo "${active_endpoints_array[*]}" | tr ' ' ',') - export ETCD_ACTIVE_ENDPOINTS - fi - echo "${active_endpoints} ${cluster_size} ${ETCD_ACTIVE_ENDPOINTS}" -} - -######################## -# Checks if there are enough active members, will also set ETCD_ACTIVE_ENDPOINTS -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Boolean -######################## -is_healthy_etcd_cluster() { - local return_value=0 - local active_endpoints cluster_size - read -r active_endpoints cluster_size ETCD_ACTIVE_ENDPOINTS <<<"$(setup_etcd_active_endpoints)" - export ETCD_ACTIVE_ENDPOINTS - - if is_boolean_yes "$ETCD_DISASTER_RECOVERY"; then - if [[ -f "/snapshots/.disaster_recovery" ]]; then - # Remove current node from the ones that need to recover - remove_in_file "/snapshots/.disaster_recovery" "$host:$port" - # Remove nodes that do not exist anymore from the ones that need to recover - read -r -a recovery_array <<<"$(tr '\n' ' ' <"/snapshots/.disaster_recovery")" - for r in "${recovery_array[@]}"; do - if [[ ! "${endpoints_array[*]}" =~ $r ]]; then - remove_in_file "/snapshots/.disaster_recovery" "$r" - fi - done - if [[ $(wc -w <"/snapshots/.disaster_recovery") -eq 0 ]]; then - debug "Last member to recover from the disaster!" - rm "/snapshots/.disaster_recovery" - fi - return_value=1 - else - if [[ $active_endpoints -lt $(((cluster_size + 1) / 2)) ]]; then - debug "There are no enough active endpoints!" - for e in "${endpoints_array[@]}"; do - [[ "$e" != "$host:$port" ]] && [[ "$e" != ":$port" ]] && echo "$e" >>"/snapshots/.disaster_recovery" - done - return_value=1 - fi - fi - else - if [[ $active_endpoints -lt $(((cluster_size + 1) / 2)) ]]; then - debug "There are no enough active endpoints!" - return_value=1 - fi - fi - - return $return_value -} - -######################## -# Prints initial cluster nodes -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################## -get_initial_cluster() { - local -a endpoints_array=() - local scheme port initial_members - read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$ETCD_INITIAL_CLUSTER")" - if [[ ${#endpoints_array[@]} -gt 0 ]] && ! grep -sqE "://" <<<"$ETCD_INITIAL_CLUSTER"; then - # This piece of code assumes this container is used on a VM environment - # where ETCD_INITIAL_CLUSTER contains a comma-separated list of hostnames, - # and recreates it as follows: - # SCHEME://NODE_NAME:PEER_PORT - scheme="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "scheme")" - port="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "port")" - for nodePeer in "${endpoints_array[@]}"; do - initial_members+=("${nodePeer}=${scheme}://${nodePeer}:$port") - done - echo "${initial_members[*]}" | tr ' ' ',' - else - # Nothing to do - echo "$ETCD_INITIAL_CLUSTER" - fi -} - -######################## -# Recalculate initial cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################## -recalculate_initial_cluster() { - local -a endpoints_array initial_members - local domain host member_host member_port member_id port scheme - - if is_boolean_yes "$ETCD_ON_K8S"; then - read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$(etcdctl_get_endpoints)")" - # This piece of code assumes this container is used on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_INITIAL_ADVERTISE_PEER_URLS are created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:PEER_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN - host="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "host")" - scheme="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "scheme")" - port="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "port")" - domain="${host#"${ETCD_NAME}."}" - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_INITIAL_ADVERTISE_PEER_URLS - ! is_empty_value "$ETCD_CLUSTER_DOMAIN" && domain="$ETCD_CLUSTER_DOMAIN" - for e in "${endpoints_array[@]}"; do - member_host="$(parse_uri "$scheme://$e" "host")" - member_port="$(parse_uri "$scheme://$e" "port")" - member_id=${e%".$domain:$member_port"} - initial_members+=("${member_id}=${scheme}://${member_host}:$port") - done - echo "${initial_members[*]}" | tr ' ' ',' - else - # Nothing to do - echo "$ETCD_INITIAL_CLUSTER" - fi -} - -######################## -# Ensure etcd is initialized -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_initialize() { - local -a extra_flags initial_members - local domain - - info "Initializing etcd" - - # Generate user configuration if ETCD_CFG_* variables are provided - etcd_setup_from_environment_variables - - ETCD_INITIAL_CLUSTER="$(get_initial_cluster)" - export ETCD_INITIAL_CLUSTER - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - - read -r -a initial_members <<<"$(tr ',;' ' ' <<<"$ETCD_INITIAL_CLUSTER")" - if is_mounted_dir_empty "$ETCD_DATA_DIR"; then - info "There is no data from previous deployments" - if [[ ${#initial_members[@]} -gt 1 ]]; then - if is_new_etcd_cluster; then - info "Bootstrapping a new cluster" - if is_boolean_yes "$ETCD_ON_K8S"; then - debug "Waiting for the headless svc domain to have an IP per initial member in the cluster" - if is_empty_value "$ETCD_CLUSTER_DOMAIN"; then - # This piece of code assumes this container is used on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_INITIAL_ADVERTISE_PEER_URLS are created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:PEER_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN - host="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "host")" - domain="${host#"${ETCD_NAME}."}" - else - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_INITIAL_ADVERTISE_PEER_URLS - domain="$ETCD_CLUSTER_DOMAIN" - fi - hostname_has_N_ips() { - local -r hostname="${1:?hostname is required}" - local -r n=${2:?number of ips is required} - local -r ready_hosts=$(getent ahosts "$hostname" | awk '{print $1}' | uniq | wc -l) - [[ $((ready_hosts % n)) -eq 0 ]] && [[ $((ready_hosts / n)) -ge 1 ]] && return 0 - return 1 - } - if ! retry_while "hostname_has_N_ips $domain ${#initial_members[@]}"; then - error "Headless service domain does not have an IP per initial member in the cluster" - exit 1 - fi - fi - else - info "Adding new member to existing cluster" - ensure_dir_exists "$ETCD_DATA_DIR" - add_self_to_cluster - fi - fi - if is_boolean_yes "$ETCD_START_FROM_SNAPSHOT"; then - if [[ -f "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" ]]; then - info "Restoring snapshot before initializing etcd cluster" - local -a restore_args=("--data-dir" "$ETCD_DATA_DIR") - if [[ ${#initial_members[@]} -gt 1 ]]; then - # - # Only recalculate the initial cluster config if it hasn't - # been provided. - # - if is_empty_value "$ETCD_INITIAL_CLUSTER"; then - ETCD_INITIAL_CLUSTER="$(recalculate_initial_cluster)" - export ETCD_INITIAL_CLUSTER - fi - - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - - restore_args+=( - "--name" "$ETCD_NAME" - "--initial-cluster" "$ETCD_INITIAL_CLUSTER" - "--initial-cluster-token" "$ETCD_INITIAL_CLUSTER_TOKEN" - "--initial-advertise-peer-urls" "$ETCD_INITIAL_ADVERTISE_PEER_URLS" - ) - fi - debug_execute etcdctl snapshot restore "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" "${restore_args[@]}" - etcd_store_member_id - else - error "There was no snapshot to restore!" - exit 1 - fi - else - etcd_store_member_id - fi - else - info "Detected data from previous deployments" - if [[ $(stat -c "%a" "$ETCD_DATA_DIR") != *700 ]]; then - debug "Setting data directory permissions to 700 in a recursive way (required in etcd >=3.4.10)" - debug_execute chmod -R 700 "$ETCD_DATA_DIR" || true - fi - if [[ ${#initial_members[@]} -gt 1 ]]; then - member_id="$(get_member_id)" - if is_boolean_yes "$ETCD_DISABLE_PRESTOP"; then - info "The member will try to join the cluster by it's own" - export ETCD_INITIAL_CLUSTER_STATE=existing - elif ! is_healthy_etcd_cluster; then - warn "Cluster not responding!" - if is_boolean_yes "$ETCD_DISASTER_RECOVERY"; then - latest_snapshot_file="$(find /snapshots/ -maxdepth 1 -type f -name 'db-*' | sort | tail -n 1)" - if [[ "${latest_snapshot_file}" != "" ]]; then - info "Restoring etcd cluster from snapshot" - rm -rf "$ETCD_DATA_DIR" - # - # Only recalculate the initial cluster config if it hasn't - # been provided. - # - if is_empty_value "$ETCD_INITIAL_CLUSTER"; then - ETCD_INITIAL_CLUSTER="$(recalculate_initial_cluster)" - export ETCD_INITIAL_CLUSTER - fi - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - debug_execute etcdctl snapshot restore "${latest_snapshot_file}" \ - --name "$ETCD_NAME" \ - --data-dir "$ETCD_DATA_DIR" \ - --initial-cluster "$ETCD_INITIAL_CLUSTER" \ - --initial-cluster-token "$ETCD_INITIAL_CLUSTER_TOKEN" \ - --initial-advertise-peer-urls "$ETCD_INITIAL_ADVERTISE_PEER_URLS" - etcd_store_member_id - else - error "There was no snapshot to restore!" - exit 1 - fi - else - warn "Disaster recovery is disabled, the cluster will try to recover on it's own" - fi - elif was_etcd_member_removed; then - info "Adding new member to existing cluster" - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - extra_flags+=("--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - etcdctl member add "$ETCD_NAME" "${extra_flags[@]}" | grep "^ETCD_" >"$ETCD_NEW_MEMBERS_ENV_FILE" - replace_in_file "$ETCD_NEW_MEMBERS_ENV_FILE" "^" "export " - # The value of ETCD_INITIAL_CLUSTER_STATE must be changed for it to be correctly added to the existing cluster - # https://etcd.io/docs/v3.5/op-guide/configuration/#--initial-cluster-state - export ETCD_INITIAL_CLUSTER_STATE=existing - etcd_store_member_id - elif ! is_empty_value "$member_id"; then - info "Updating member in existing cluster" - export ETCD_INITIAL_CLUSTER_STATE=existing - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster-state" "$ETCD_INITIAL_CLUSTER_STATE" - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - if is_boolean_yes "$ETCD_ON_K8S"; then - extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - etcdctl member update "$member_id" "${extra_flags[@]}" - else - etcd_start_bg - etcdctl member update "$member_id" "${extra_flags[@]}" - etcd_stop - fi - else - info "Member ID wasn't properly stored, the member will try to join the cluster by it's own" - export ETCD_INITIAL_CLUSTER_STATE=existing - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster-state" "$ETCD_INITIAL_CLUSTER_STATE" - fi - fi - fi - - # For both existing and new deployments, configure RBAC if set - if [[ ${#initial_members[@]} -gt 1 ]]; then - # When there's more than one etcd replica, RBAC should be only enabled in one member - if ! is_empty_value "$ETCD_ROOT_PASSWORD" && [[ "${initial_members[0]}" = *"$ETCD_INITIAL_ADVERTISE_PEER_URLS"* ]]; then - etcd_configure_rbac - else - debug "Skipping RBAC configuration in member $ETCD_NAME" - fi - else - ! is_empty_value "$ETCD_ROOT_PASSWORD" && etcd_configure_rbac - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add self to cluster if not -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -add_self_to_cluster() { - local -a extra_flags - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - # is_healthy_etcd_cluster will also set ETCD_ACTIVE_ENDPOINTS - while ! is_healthy_etcd_cluster; do - warn "Cluster not healthy, not adding self to cluster for now, keeping trying..." - sleep 10 - done - - # only send req to healthy nodes - - if is_empty_value "$(get_member_id)"; then - extra_flags+=("--endpoints=${ETCD_ACTIVE_ENDPOINTS}" "--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - while ! etcdctl member add "$ETCD_NAME" "${extra_flags[@]}" | grep "^ETCD_" >"$ETCD_NEW_MEMBERS_ENV_FILE"; do - warn "Failed to add self to cluster, keeping trying..." - sleep 10 - done - replace_in_file "$ETCD_NEW_MEMBERS_ENV_FILE" "^" "export " - sync -d "$ETCD_NEW_MEMBERS_ENV_FILE" - else - info "Node already in cluster" - fi - info "Loading env vars of existing cluster" - . "$ETCD_NEW_MEMBERS_ENV_FILE" -} - -######################## -# Get this node's member_id in cluster, if not in cluster return empty string -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################### -get_member_id() { - if ! is_boolean_yes "$ETCD_DISABLE_STORE_MEMBER_ID"; then - if [[ ! -s "${ETCD_DATA_DIR}/member_id" ]]; then - echo "" - return 0 - fi - cat "${ETCD_DATA_DIR}/member_id" - return 0 - fi - local ret - local -a extra_flags - - local etcd_active_endpoints=${ETCD_ACTIVE_ENDPOINTS:-} - if is_empty_value "${etcd_active_endpoints}"; then - setup_etcd_active_endpoints >/dev/null 2>&1 - fi - - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=${ETCD_ACTIVE_ENDPOINTS}") - ret=$(etcdctl "${extra_flags[@]}" member list | grep -w "$ETCD_INITIAL_ADVERTISE_PEER_URLS" | awk -F "," '{ print $1 }') - # if not return zero - if is_empty_value "$ret"; then - info "No member id found" - echo "" - else - info "member id: $ret" - echo "$ret" - fi -} diff --git a/bitnami/etcd/3.4/debian-11/tags-info.yaml b/bitnami/etcd/3.4/debian-11/tags-info.yaml deleted file mode 100644 index 4c66f8209311..000000000000 --- a/bitnami/etcd/3.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "3.4" -- 3.4-debian-11 -- 3.4.30 diff --git a/bitnami/etcd/3.5/debian-11/Dockerfile b/bitnami/etcd/3.5/debian-11/Dockerfile deleted file mode 100644 index 6a1e48f621e5..000000000000 --- a/bitnami/etcd/3.5/debian-11/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:23:32Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.12-debian-11-r21" \ - org.opencontainers.image.title="etcd" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.12" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "etcd-3.5.12-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y ca-certificates curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/etcd/postunpack.sh -ENV APP_VERSION="3.5.12" \ - BITNAMI_APP_NAME="etcd" \ - ETCDCTL_API="3" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/etcd/bin:$PATH" - -EXPOSE 2379 2380 - -WORKDIR /opt/bitnami/etcd -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/etcd/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/etcd/run.sh" ] diff --git a/bitnami/etcd/3.5/debian-11/docker-compose.yml b/bitnami/etcd/3.5/debian-11/docker-compose.yml deleted file mode 100644 index e6ef9eef5439..000000000000 --- a/bitnami/etcd/3.5/debian-11/docker-compose.yml +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - etcd: - image: docker.io/bitnami/etcd:3.5 - environment: - - ALLOW_NONE_AUTHENTICATION=yes - volumes: - - etcd_data:/bitnami/etcd -volumes: - etcd_data: - driver: local diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 1832fb8ab8e9..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "etcd": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.12-1" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/etcd/3.5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh deleted file mode 100644 index 5ab58995c4c1..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd-env.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for etcd - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-etcd}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -etcd_env_vars=( - ETCD_SNAPSHOTS_DIR - ETCD_SNAPSHOT_HISTORY_LIMIT - ETCD_INIT_SNAPSHOTS_DIR - ALLOW_NONE_AUTHENTICATION - ETCD_ROOT_PASSWORD - ETCD_CLUSTER_DOMAIN - ETCD_START_FROM_SNAPSHOT - ETCD_DISASTER_RECOVERY - ETCD_ON_K8S - ETCD_INIT_SNAPSHOT_FILENAME - ETCDCTL_API - ETCD_DISABLE_STORE_MEMBER_ID - ETCD_DISABLE_PRESTOP - ETCD_NAME - ETCD_LOG_LEVEL - ETCD_LISTEN_CLIENT_URLS - ETCD_ADVERTISE_CLIENT_URLS - ETCD_INITIAL_CLUSTER - ETCD_INITIAL_CLUSTER_STATE - ETCD_LISTEN_PEER_URLS - ETCD_INITIAL_ADVERTISE_PEER_URLS - ETCD_INITIAL_CLUSTER_TOKEN - ETCD_AUTO_TLS - ETCD_CERT_FILE - ETCD_KEY_FILE - ETCD_TRUSTED_CA_FILE - ETCD_CLIENT_CERT_AUTH - ETCD_PEER_AUTO_TLS -) -for env_var in "${etcd_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset etcd_env_vars - -# Paths -export ETCD_BASE_DIR="/opt/bitnami/etcd" -export ETCD_VOLUME_DIR="/bitnami/etcd" -export ETCD_BIN_DIR="${ETCD_BASE_DIR}/bin" -export ETCD_DATA_DIR="${ETCD_VOLUME_DIR}/data" -export ETCD_CONF_DIR="${ETCD_BASE_DIR}/conf" -export ETCD_TMP_DIR="${ETCD_BASE_DIR}/tmp" -export ETCD_CONF_FILE="${ETCD_CONF_DIR}/etcd.yaml" -export ETCD_SNAPSHOTS_DIR="${ETCD_SNAPSHOTS_DIR:-/snapshots}" -export ETCD_SNAPSHOT_HISTORY_LIMIT="${ETCD_SNAPSHOT_HISTORY_LIMIT:-1}" -export ETCD_INIT_SNAPSHOTS_DIR="${ETCD_INIT_SNAPSHOTS_DIR:-/init-snapshot}" -export ETCD_NEW_MEMBERS_ENV_FILE="${ETCD_DATA_DIR}/new_member_envs" -export PATH="${ETCD_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export ETCD_DAEMON_USER="etcd" -export ETCD_DAEMON_GROUP="etcd" - -# etcd settings -export ALLOW_NONE_AUTHENTICATION="${ALLOW_NONE_AUTHENTICATION:-no}" -export ETCD_ROOT_PASSWORD="${ETCD_ROOT_PASSWORD:-}" -export ETCD_CLUSTER_DOMAIN="${ETCD_CLUSTER_DOMAIN:-}" -export ETCD_START_FROM_SNAPSHOT="${ETCD_START_FROM_SNAPSHOT:-no}" -export ETCD_DISASTER_RECOVERY="${ETCD_DISASTER_RECOVERY:-no}" -export ETCD_ON_K8S="${ETCD_ON_K8S:-no}" -export ETCD_INIT_SNAPSHOT_FILENAME="${ETCD_INIT_SNAPSHOT_FILENAME:-}" -export ETCDCTL_API="${ETCDCTL_API:-3}" -export ETCD_DISABLE_STORE_MEMBER_ID="${ETCD_DISABLE_STORE_MEMBER_ID:-no}" -export ETCD_DISABLE_PRESTOP="${ETCD_DISABLE_PRESTOP:-no}" - -# etcd native environment variables (see https://etcd.io/docs/current/op-guide/configuration) -export ETCD_NAME="${ETCD_NAME:-}" -export ETCD_LOG_LEVEL="${ETCD_LOG_LEVEL:-info}" -export ETCD_LISTEN_CLIENT_URLS="${ETCD_LISTEN_CLIENT_URLS:-http://0.0.0.0:2379}" -export ETCD_ADVERTISE_CLIENT_URLS="${ETCD_ADVERTISE_CLIENT_URLS:-http://127.0.0.1:2379}" -export ETCD_INITIAL_CLUSTER="${ETCD_INITIAL_CLUSTER:-}" -export ETCD_INITIAL_CLUSTER_STATE="${ETCD_INITIAL_CLUSTER_STATE:-}" -export ETCD_LISTEN_PEER_URLS="${ETCD_LISTEN_PEER_URLS:-}" -export ETCD_INITIAL_ADVERTISE_PEER_URLS="${ETCD_INITIAL_ADVERTISE_PEER_URLS:-}" -export ETCD_INITIAL_CLUSTER_TOKEN="${ETCD_INITIAL_CLUSTER_TOKEN:-}" -export ETCD_AUTO_TLS="${ETCD_AUTO_TLS:-false}" -export ETCD_CERT_FILE="${ETCD_CERT_FILE:-}" -export ETCD_KEY_FILE="${ETCD_KEY_FILE:-}" -export ETCD_TRUSTED_CA_FILE="${ETCD_TRUSTED_CA_FILE:-}" -export ETCD_CLIENT_CERT_AUTH="${ETCD_CLIENT_CERT_AUTH:-false}" -export ETCD_PEER_AUTO_TLS="${ETCD_PEER_AUTO_TLS:-false}" - -# Custom environment variables may be defined below diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh deleted file mode 100755 index a41110e95496..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/etcd/run.sh" ]]; then - info "** Starting etcd setup **" - /opt/bitnami/scripts/etcd/setup.sh - info "** etcd setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh deleted file mode 100755 index 3c978b7a5c78..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/healthcheck.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o pipefail -set -o nounset - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -read -r -a advertised_array <<< "$(tr ',;' ' ' <<< "$ETCD_ADVERTISE_CLIENT_URLS")" -host="$(parse_uri "${advertised_array[0]}" "host")" -port="$(parse_uri "${advertised_array[0]}" "port")" -read -r -a extra_flags <<< "$(etcdctl_auth_flags)" -extra_flags+=("--endpoints=${host}:${port}") -if [[ $ETCD_AUTO_TLS = true ]]; then - extra_flags+=("--insecure-skip-tls-verify") -fi -if etcdctl endpoint health "${extra_flags[@]}"; then - exit 0 -else - error "Unhealthy endpoint!" - exit 1 -fi diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh deleted file mode 100755 index 57d97c8c8ac6..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -for dir in "$ETCD_BIN_DIR" "$ETCD_DATA_DIR" "${ETCD_BASE_DIR}/certs"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$ETCD_DATA_DIR" "${ETCD_BASE_DIR}/certs" diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh deleted file mode 100755 index b540eec49053..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/prestop.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 -set -o errexit -set -o pipefail -set -o nounset -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -if is_boolean_yes "$ETCD_DISABLE_PRESTOP"; then - return 0 -fi - -endpoints="$(etcdctl_get_endpoints true)" -if is_empty_value "${endpoints}"; then - exit 0 -fi -read -r -a extra_flags <<<"$(etcdctl_auth_flags)" -extra_flags+=("--endpoints=${endpoints}" "--debug=true") -# We use 'sync' to ensure memory buffers are flushed to disk -# so we reduce the chances that the "member_removal.log" file is empty. -# ref: https://man7.org/linux/man-pages/man1/sync.1.html -etcdctl member remove "$(get_member_id)" "${extra_flags[@]}" >"$(dirname "$ETCD_DATA_DIR")/member_removal.log" -sync -d "$(dirname "$ETCD_DATA_DIR")/member_removal.log" diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh deleted file mode 100755 index e9ce00f19e69..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment variables -. /opt/bitnami/scripts/etcd-env.sh - -is_empty_value "$ETCD_ROOT_PASSWORD" && unset ETCD_ROOT_PASSWORD -if [[ -f "$ETCD_NEW_MEMBERS_ENV_FILE" ]]; then - debug "Loading env vars of existing cluster" - . "$ETCD_NEW_MEMBERS_ENV_FILE" - # We rely on the original value of ETCD_INITIAL_CLUSTER - # when bootstrapping a new cluster since - # we need all initial members to calcualte a same cluster_id -fi - -declare -a cmd=("etcd") -# If provided, run using configuration file -# Using a configuration file will cause etcd to ignore other flags and environment variables -[[ -f "$ETCD_CONF_FILE" ]] && cmd+=("--config-file" "$ETCD_CONF_FILE") -cmd+=("$@") - -info "** Starting etcd **" -if am_i_root; then - exec_as_user "$ETCD_DAEMON_USER" "${cmd[@]}" -else - exec "${cmd[@]}" -fi diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh deleted file mode 100755 index 2e9d28fad543..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/setup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -# Ensure etcd environment settings are valid -etcd_validate -# Ensure etcd is stopped when this script ends. -trap "etcd_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$ETCD_DAEMON_USER" --group "$ETCD_DAEMON_GROUP" -# Ensure etcd is initialized -etcd_initialize diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh deleted file mode 100755 index 99c7c8209484..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/etcd/snapshot.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o pipefail -set -o nounset - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libetcd.sh - -# Load etcd environment settings -. /opt/bitnami/scripts/etcd-env.sh - -ensure_dir_exists "$ETCD_SNAPSHOTS_DIR" -endpoints="$(etcdctl_get_endpoints)" -read -r -a endpoints_array <<< "$(tr ',;' ' ' <<< "$endpoints")" -for e in "${endpoints_array[@]}"; do - debug "Using endpoint $e" - read -r -a extra_flags <<< "$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=$e") - if etcdctl endpoint health "${extra_flags[@]}"; then - info "Snapshotting the keyspace" - current_time="$(date -u "+%Y-%m-%d_%H-%M")" - etcdctl snapshot save "${ETCD_SNAPSHOTS_DIR}/db-${current_time}" "${extra_flags[@]}" - find "${ETCD_SNAPSHOTS_DIR}/" -maxdepth 1 -type f -name 'db-*' \! -name "db-${current_time}" \ - | sort -r \ - | tail -n+$((1 + ETCD_SNAPSHOT_HISTORY_LIMIT)) \ - | xargs rm -f - exit 0 - else - warn "etcd endpoint $e not healthy. Trying a different endpoint" - fi -done -error "all etcd endpoints are unhealthy!" -exit 1 diff --git a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh b/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh deleted file mode 100644 index 215b934a70fc..000000000000 --- a/bitnami/etcd/3.5/debian-11/rootfs/opt/bitnami/scripts/libetcd.sh +++ /dev/null @@ -1,818 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami etcd library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Write a configuration setting value -# Globals: -# ETCD_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -etcd_conf_write() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - [[ -z "$value" ]] && return - [[ ! -f "$ETCD_CONF_FILE" ]] && touch "$ETCD_CONF_FILE" - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$ETCD_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$ETCD_CONF_FILE" >"$tempfile" - ;; - raw) - yq eval "(.${key}) |= ${value}" "$ETCD_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$ETCD_CONF_FILE" -} - -######################## -# Creates etcd configuration file from environment variables -# Globals: -# ETCD_CFG_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_setup_from_environment_variables() { - ## Except for Client and Peer TLS configuration, - ## all etcd settings consists of ETCD_FLAG_NAME - ## transformed into flag-name and configured under the yaml config root. - local -a client_tls_values=( - "ETCD_CFG_CERT_FILE" - "ETCD_CFG_KEY_FILE" - "ETCD_CFG_CLIENT_CERT_AUTH" - "ETCD_CFG_TRUSTED_CA_FILE" - "ETCD_CFG_AUTO_TLS" - "ETCD_CFG_CA_FILE" - ) - info "Generating etcd config file using env variables" - # Map environment variables to config properties for cassandra-env.sh - for var in "${!ETCD_CFG_@}"; do - value="${!var:-}" - if [[ -n "$value" ]]; then - type="string" - # Detect if value is digit or bool - if [[ "$value" =~ ^[+-]?[0-9]+([.][0-9]+)?$ || "$value" =~ ^(true|false)$ ]]; then - type="raw" - fi - if [[ ${client_tls_values[*]} =~ ${var} ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "client-transport-security.${key}" "$value" "$type" - elif [[ "$var" =~ "ETCD_CFG_CLIENT_" ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_CLIENT_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "client-transport-security.${key}" "$value" "$type" - elif [[ "$var" =~ "ETCD_CFG_PEER_" ]]; then - key="$(echo "$var" | sed -e 's/^ETCD_CFG_PEER_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "peer-transport-security.${key}" "$value" "$type" - else - # shellcheck disable=SC2001 - key="$(echo "$var" | sed -e 's/^ETCD_CFG_//g' -e 's/_/-/g' | tr '[:upper:]' '[:lower:]')" - etcd_conf_write "$key" "$value" "$type" - fi - fi - done - if am_i_root; then - chown "$ETCD_DAEMON_USER" "$ETCD_CONF_FILE" - fi -} - -######################## -# Validate settings in ETCD_* environment variables -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_validate() { - info "Validating settings in ETCD_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if is_boolean_yes "$ALLOW_NONE_AUTHENTICATION"; then - warn "You set the environment variable ALLOW_NONE_AUTHENTICATION=${ALLOW_NONE_AUTHENTICATION}. For safety reasons, do not use this flag in a production environment." - else - is_empty_value "$ETCD_ROOT_PASSWORD" && print_validation_error "The ETCD_ROOT_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_NONE_AUTHENTICATION=yes to allow a blank password. This is only recommended for development environments." - fi - if is_boolean_yes "$ETCD_START_FROM_SNAPSHOT" && [[ ! -f "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" ]]; then - print_validation_error "You are trying to initialize etcd from a snapshot, but no snapshot was found. Set the environment variable ETCD_INIT_SNAPSHOT_FILENAME with the snapshot filename and mount it at '${ETCD_INIT_SNAPSHOTS_DIR}' directory." - fi - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Check if etcd is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_etcd_running() { - local pid - pid="$(pgrep -f "^etcd" || true)" - - # etcd does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - if [[ -n "${ETCD_PID_FILE:-}" ]]; then - echo "$pid" >"$ETCD_PID_FILE" - fi - - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if etcd is running -# Globals: -# ETCD_PID_FILE -# Arguments: -# None -# Returns: -# Whether etcd is not running -######################## -is_etcd_not_running() { - ! is_etcd_running -} - -######################## -# Stop etcd -# Arguments: -# None -# Returns: -# None -######################### -etcd_stop() { - local pid - ! is_etcd_running && return - - info "Stopping etcd" - # Ensure process matches etcd binary with or without options - pid="$(pgrep -f "^etcd")" - local counter=10 - kill "$pid" - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start etcd in background -# Arguments: -# None -# Returns: -# None -######################### -etcd_start_bg() { - is_etcd_running && return - - info "Starting etcd in background" - local start_command=("etcd") - am_i_root && start_command=("run_as_user" "$ETCD_DAEMON_USER" "${start_command[@]}") - [[ -f "$ETCD_CONF_FILE" ]] && start_command+=("--config-file" "$ETCD_CONF_FILE") - debug_execute "${start_command[@]}" & - sleep 3 -} - -######################## -# Obtain endpoints to connect when running 'ectdctl' -# Globals: -# ETCD_* -# Arguments: -# $1 - exclude current member from the list (default: false) -# Returns: -# String -######################## -etcdctl_get_endpoints() { - local only_others=${1:-false} - local -a endpoints=() - local host domain port - - ip_has_valid_hostname() { - local ip="${1:?ip is required}" - local parent_domain="${1:?parent_domain is required}" - - # 'getent hosts $ip' can return hostnames in 2 different formats: - # POD_NAME.HEADLESS_SVC_DOMAIN.NAMESPACE.svc.cluster.local (using headless service domain) - # 10-237-136-79.SVC_DOMAIN.NAMESPACE.svc.cluster.local (using POD's IP and service domain) - # We need to discard the latter to avoid issues when TLS verification is enabled. - [[ "$(getent hosts "$ip")" = *"$parent_domain"* ]] && return 0 - return 1 - } - - hostname_has_ips() { - local hostname="${1:?hostname is required}" - [[ "$(getent ahosts "$hostname")" != "" ]] && return 0 - return 1 - } - - # This piece of code assumes this code is executed on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_ADVERTISE_CLIENT_URLS env. variable is created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:CLIENT_PORT,SCHEME://SVC_DOMAIN:SVC_CLIENT_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN and obtain - # every available endpoint - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - host="$(parse_uri "${advertised_array[0]}" "host")" - port="$(parse_uri "${advertised_array[0]}" "port")" - domain="${host#"${ETCD_NAME}."}" - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_ADVERTISE_CLIENT_URLS - ! is_empty_value "$ETCD_CLUSTER_DOMAIN" && domain="$ETCD_CLUSTER_DOMAIN" - # Depending on the K8s distro & the DNS plugin, it might need - # a few seconds to associate the POD(s) IP(s) to the headless svc domain - if retry_while "hostname_has_ips $domain"; then - local -r ahosts="$(getent ahosts "$domain" | awk '{print $1}' | uniq | wc -l)" - for i in $(seq 0 $((ahosts - 1))); do - # We use the StatefulSet name stored in MY_STS_NAME to get the peer names based on the number of IPs registered in the headless service - pod_name="${MY_STS_NAME}-${i}" - if ! { [[ $only_others = true ]] && [[ "$pod_name" = "$MY_POD_NAME" ]]; }; then - endpoints+=("${pod_name}.${ETCD_CLUSTER_DOMAIN}:${port:-2380}") - fi - done - fi - echo "${endpoints[*]}" | tr ' ' ',' -} - -######################## -# Obtain etcdctl authentication flags to use -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Array with extra flags to use for authentication -######################### -etcdctl_auth_flags() { - local -a authFlags=() - - ! is_empty_value "$ETCD_ROOT_PASSWORD" && authFlags+=("--user" "root:$ETCD_ROOT_PASSWORD") - if [[ $ETCD_AUTO_TLS = true ]]; then - authFlags+=("--cert" "${ETCD_DATA_DIR}/fixtures/client/cert.pem" "--key" "${ETCD_DATA_DIR}/fixtures/client/key.pem") - else - [[ -f "$ETCD_CERT_FILE" ]] && [[ -f "$ETCD_KEY_FILE" ]] && authFlags+=("--cert" "$ETCD_CERT_FILE" "--key" "$ETCD_KEY_FILE") - [[ -f "$ETCD_TRUSTED_CA_FILE" ]] && authFlags+=("--cacert" "$ETCD_TRUSTED_CA_FILE") - fi - echo "${authFlags[@]}" -} - -######################## -# Stores etcd member ID in the data directory -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -etcd_store_member_id() { - if is_boolean_yes "$ETCD_DISABLE_STORE_MEMBER_ID"; then - return 0 - fi - local -a extra_flags - local member_id="" - info "Obtaining cluster member ID" - etcd_start_bg - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - if retry_while "etcdctl ${extra_flags[*]:-} member list" >/dev/null 2>&1; then - while is_empty_value "$member_id"; do - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - member_id="$(etcdctl "${extra_flags[@]}" member list | grep -w "${advertised_array[0]}" | awk -F "," '{ print $1}' || true)" - done - # We use 'sync' to ensure memory buffers are flushed to disk - # so we reduce the chances that the "member_id" file is empty. - # ref: https://man7.org/linux/man-pages/man1/sync.1.html - echo "$member_id" >"${ETCD_DATA_DIR}/member_id" - sync -d "${ETCD_DATA_DIR}/member_id" - info "Stored member ID: $(cat "${ETCD_DATA_DIR}/member_id")" - fi - etcd_stop -} - -######################## -# Configure etcd RBAC (do not confuse with K8s RBAC) -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -etcd_configure_rbac() { - - ! is_etcd_running && etcd_start_bg - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - if retry_while "etcdctl ${extra_flags[*]} member list" >/dev/null 2>&1; then - if retry_while "etcdctl ${extra_flags[*]} auth status" >/dev/null 2>&1; then - if etcdctl "${extra_flags[@]}" auth status | grep -q "Authentication Status: true"; then - info "Authentication already enabled" - else - info "Enabling etcd authentication" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags=("--endpoints=$(etcdctl_get_endpoints)") - etcdctl "${extra_flags[@]}" user add root --interactive=false <<<"$ETCD_ROOT_PASSWORD" - etcdctl "${extra_flags[@]}" user grant-role root root - etcdctl "${extra_flags[@]}" auth enable - fi - fi - fi - etcd_stop -} - -######################## -# Checks if the member was successfully removed from the cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################## -was_etcd_member_removed() { - local return_value=0 - - if grep -sqE "^Member[[:space:]]+[a-z0-9]+\s+removed\s+from\s+cluster\s+[a-z0-9]+$" "${ETCD_VOLUME_DIR}/member_removal.log"; then - debug "Removal was properly recorded in member_removal.log" - rm -rf "${ETCD_DATA_DIR:?}/"* - elif [[ ! -d "${ETCD_DATA_DIR}/member/snap" ]] && is_empty_value "$(get_member_id)"; then - debug "Missing member data" - rm -rf "${ETCD_DATA_DIR:?}/"* - else - return_value=1 - fi - rm -f "${ETCD_VOLUME_DIR}/member_removal.log" - return $return_value -} - -######################## -# Checks if etcd needs to bootstrap a new cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Boolean -######################## -is_new_etcd_cluster() { - [[ "$ETCD_INITIAL_CLUSTER_STATE" = "new" ]] && [[ "$ETCD_INITIAL_CLUSTER" = *"$ETCD_INITIAL_ADVERTISE_PEER_URLS"* ]] -} - -######################## -# Setup ETCD_ACTIVE_ENDPOINTS environment variable, will return the number of active endpoints , cluster size (including not active member) and the ETCD_ACTIVE_ENDPOINTS (which is also export) -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# List of Numbers (active_endpoints, cluster_size, ETCD_ACTIVE_ENDPOINTS) -######################## -setup_etcd_active_endpoints() { - local active_endpoints=0 - local -a extra_flags active_endpoints_array - local -a endpoints_array=() - local host port - - is_boolean_yes "$ETCD_ON_K8S" && read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$(etcdctl_get_endpoints)")" - local -r cluster_size=${#endpoints_array[@]} - read -r -a advertised_array <<<"$(tr ',;' ' ' <<<"$ETCD_ADVERTISE_CLIENT_URLS")" - host="$(parse_uri "${advertised_array[0]}" "host")" - port="$(parse_uri "${advertised_array[0]}" "port")" - if [[ $cluster_size -gt 0 ]]; then - for e in "${endpoints_array[@]}"; do - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=$e") - if [[ "$e" != "$host:$port" ]] && etcdctl endpoint health "${extra_flags[@]}" >/dev/null 2>&1; then - debug "$e endpoint is active" - ((active_endpoints++)) - active_endpoints_array+=("$e") - fi - done - ETCD_ACTIVE_ENDPOINTS=$(echo "${active_endpoints_array[*]}" | tr ' ' ',') - export ETCD_ACTIVE_ENDPOINTS - fi - echo "${active_endpoints} ${cluster_size} ${ETCD_ACTIVE_ENDPOINTS}" -} - -######################## -# Checks if there are enough active members, will also set ETCD_ACTIVE_ENDPOINTS -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# Boolean -######################## -is_healthy_etcd_cluster() { - local return_value=0 - local active_endpoints cluster_size - read -r active_endpoints cluster_size ETCD_ACTIVE_ENDPOINTS <<<"$(setup_etcd_active_endpoints)" - export ETCD_ACTIVE_ENDPOINTS - - if is_boolean_yes "$ETCD_DISASTER_RECOVERY"; then - if [[ -f "/snapshots/.disaster_recovery" ]]; then - # Remove current node from the ones that need to recover - remove_in_file "/snapshots/.disaster_recovery" "$host:$port" - # Remove nodes that do not exist anymore from the ones that need to recover - read -r -a recovery_array <<<"$(tr '\n' ' ' <"/snapshots/.disaster_recovery")" - for r in "${recovery_array[@]}"; do - if [[ ! "${endpoints_array[*]}" =~ $r ]]; then - remove_in_file "/snapshots/.disaster_recovery" "$r" - fi - done - if [[ $(wc -w <"/snapshots/.disaster_recovery") -eq 0 ]]; then - debug "Last member to recover from the disaster!" - rm "/snapshots/.disaster_recovery" - fi - return_value=1 - else - if [[ $active_endpoints -lt $(((cluster_size + 1) / 2)) ]]; then - debug "There are no enough active endpoints!" - for e in "${endpoints_array[@]}"; do - [[ "$e" != "$host:$port" ]] && [[ "$e" != ":$port" ]] && echo "$e" >>"/snapshots/.disaster_recovery" - done - return_value=1 - fi - fi - else - if [[ $active_endpoints -lt $(((cluster_size + 1) / 2)) ]]; then - debug "There are no enough active endpoints!" - return_value=1 - fi - fi - - return $return_value -} - -######################## -# Prints initial cluster nodes -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################## -get_initial_cluster() { - local -a endpoints_array=() - local scheme port initial_members - read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$ETCD_INITIAL_CLUSTER")" - if [[ ${#endpoints_array[@]} -gt 0 ]] && ! grep -sqE "://" <<<"$ETCD_INITIAL_CLUSTER"; then - # This piece of code assumes this container is used on a VM environment - # where ETCD_INITIAL_CLUSTER contains a comma-separated list of hostnames, - # and recreates it as follows: - # SCHEME://NODE_NAME:PEER_PORT - scheme="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "scheme")" - port="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "port")" - for nodePeer in "${endpoints_array[@]}"; do - initial_members+=("${nodePeer}=${scheme}://${nodePeer}:$port") - done - echo "${initial_members[*]}" | tr ' ' ',' - else - # Nothing to do - echo "$ETCD_INITIAL_CLUSTER" - fi -} - -######################## -# Recalculate initial cluster -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################## -recalculate_initial_cluster() { - local -a endpoints_array initial_members - local domain host member_host member_port member_id port scheme - - if is_boolean_yes "$ETCD_ON_K8S"; then - read -r -a endpoints_array <<<"$(tr ',;' ' ' <<<"$(etcdctl_get_endpoints)")" - # This piece of code assumes this container is used on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_INITIAL_ADVERTISE_PEER_URLS are created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:PEER_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN - host="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "host")" - scheme="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "scheme")" - port="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "port")" - domain="${host#"${ETCD_NAME}."}" - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_INITIAL_ADVERTISE_PEER_URLS - ! is_empty_value "$ETCD_CLUSTER_DOMAIN" && domain="$ETCD_CLUSTER_DOMAIN" - for e in "${endpoints_array[@]}"; do - member_host="$(parse_uri "$scheme://$e" "host")" - member_port="$(parse_uri "$scheme://$e" "port")" - member_id=${e%".$domain:$member_port"} - initial_members+=("${member_id}=${scheme}://${member_host}:$port") - done - echo "${initial_members[*]}" | tr ' ' ',' - else - # Nothing to do - echo "$ETCD_INITIAL_CLUSTER" - fi -} - -######################## -# Ensure etcd is initialized -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -etcd_initialize() { - local -a extra_flags initial_members - local domain - - info "Initializing etcd" - - # Generate user configuration if ETCD_CFG_* variables are provided - etcd_setup_from_environment_variables - - ETCD_INITIAL_CLUSTER="$(get_initial_cluster)" - export ETCD_INITIAL_CLUSTER - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - - read -r -a initial_members <<<"$(tr ',;' ' ' <<<"$ETCD_INITIAL_CLUSTER")" - if is_mounted_dir_empty "$ETCD_DATA_DIR"; then - info "There is no data from previous deployments" - if [[ ${#initial_members[@]} -gt 1 ]]; then - if is_new_etcd_cluster; then - info "Bootstrapping a new cluster" - if is_boolean_yes "$ETCD_ON_K8S"; then - debug "Waiting for the headless svc domain to have an IP per initial member in the cluster" - if is_empty_value "$ETCD_CLUSTER_DOMAIN"; then - # This piece of code assumes this container is used on a K8s environment - # where etcd members are part of a statefulset that uses a headless service - # to create a unique FQDN per member. Under these circumstances, the - # ETCD_INITIAL_ADVERTISE_PEER_URLS are created as follows: - # SCHEME://POD_NAME.HEADLESS_SVC_DOMAIN:PEER_PORT - # - # Assuming this, we can extract the HEADLESS_SVC_DOMAIN - host="$(parse_uri "$ETCD_INITIAL_ADVERTISE_PEER_URLS" "host")" - domain="${host#"${ETCD_NAME}."}" - else - # When ETCD_CLUSTER_DOMAIN is set, we use that value instead of extracting - # it from ETCD_INITIAL_ADVERTISE_PEER_URLS - domain="$ETCD_CLUSTER_DOMAIN" - fi - hostname_has_N_ips() { - local -r hostname="${1:?hostname is required}" - local -r n=${2:?number of ips is required} - local -r ready_hosts=$(getent ahosts "$hostname" | awk '{print $1}' | uniq | wc -l) - [[ $((ready_hosts % n)) -eq 0 ]] && [[ $((ready_hosts / n)) -ge 1 ]] && return 0 - return 1 - } - if ! retry_while "hostname_has_N_ips $domain ${#initial_members[@]}"; then - error "Headless service domain does not have an IP per initial member in the cluster" - exit 1 - fi - fi - else - info "Adding new member to existing cluster" - ensure_dir_exists "$ETCD_DATA_DIR" - add_self_to_cluster - fi - fi - if is_boolean_yes "$ETCD_START_FROM_SNAPSHOT"; then - if [[ -f "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" ]]; then - info "Restoring snapshot before initializing etcd cluster" - local -a restore_args=("--data-dir" "$ETCD_DATA_DIR") - if [[ ${#initial_members[@]} -gt 1 ]]; then - # - # Only recalculate the initial cluster config if it hasn't - # been provided. - # - if is_empty_value "$ETCD_INITIAL_CLUSTER"; then - ETCD_INITIAL_CLUSTER="$(recalculate_initial_cluster)" - export ETCD_INITIAL_CLUSTER - fi - - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - - restore_args+=( - "--name" "$ETCD_NAME" - "--initial-cluster" "$ETCD_INITIAL_CLUSTER" - "--initial-cluster-token" "$ETCD_INITIAL_CLUSTER_TOKEN" - "--initial-advertise-peer-urls" "$ETCD_INITIAL_ADVERTISE_PEER_URLS" - ) - fi - debug_execute etcdctl snapshot restore "${ETCD_INIT_SNAPSHOTS_DIR}/${ETCD_INIT_SNAPSHOT_FILENAME}" "${restore_args[@]}" - etcd_store_member_id - else - error "There was no snapshot to restore!" - exit 1 - fi - else - etcd_store_member_id - fi - else - info "Detected data from previous deployments" - if [[ $(stat -c "%a" "$ETCD_DATA_DIR") != *700 ]]; then - debug "Setting data directory permissions to 700 in a recursive way (required in etcd >=3.4.10)" - debug_execute chmod -R 700 "$ETCD_DATA_DIR" || true - fi - if [[ ${#initial_members[@]} -gt 1 ]]; then - member_id="$(get_member_id)" - if is_boolean_yes "$ETCD_DISABLE_PRESTOP"; then - info "The member will try to join the cluster by it's own" - export ETCD_INITIAL_CLUSTER_STATE=existing - elif ! is_healthy_etcd_cluster; then - warn "Cluster not responding!" - if is_boolean_yes "$ETCD_DISASTER_RECOVERY"; then - latest_snapshot_file="$(find /snapshots/ -maxdepth 1 -type f -name 'db-*' | sort | tail -n 1)" - if [[ "${latest_snapshot_file}" != "" ]]; then - info "Restoring etcd cluster from snapshot" - rm -rf "$ETCD_DATA_DIR" - # - # Only recalculate the initial cluster config if it hasn't - # been provided. - # - if is_empty_value "$ETCD_INITIAL_CLUSTER"; then - ETCD_INITIAL_CLUSTER="$(recalculate_initial_cluster)" - export ETCD_INITIAL_CLUSTER - fi - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster" "$ETCD_INITIAL_CLUSTER" - debug_execute etcdctl snapshot restore "${latest_snapshot_file}" \ - --name "$ETCD_NAME" \ - --data-dir "$ETCD_DATA_DIR" \ - --initial-cluster "$ETCD_INITIAL_CLUSTER" \ - --initial-cluster-token "$ETCD_INITIAL_CLUSTER_TOKEN" \ - --initial-advertise-peer-urls "$ETCD_INITIAL_ADVERTISE_PEER_URLS" - etcd_store_member_id - else - error "There was no snapshot to restore!" - exit 1 - fi - else - warn "Disaster recovery is disabled, the cluster will try to recover on it's own" - fi - elif was_etcd_member_removed; then - info "Adding new member to existing cluster" - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - is_boolean_yes "$ETCD_ON_K8S" && extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - extra_flags+=("--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - etcdctl member add "$ETCD_NAME" "${extra_flags[@]}" | grep "^ETCD_" >"$ETCD_NEW_MEMBERS_ENV_FILE" - replace_in_file "$ETCD_NEW_MEMBERS_ENV_FILE" "^" "export " - # The value of ETCD_INITIAL_CLUSTER_STATE must be changed for it to be correctly added to the existing cluster - # https://etcd.io/docs/v3.5/op-guide/configuration/#--initial-cluster-state - export ETCD_INITIAL_CLUSTER_STATE=existing - etcd_store_member_id - elif ! is_empty_value "$member_id"; then - info "Updating member in existing cluster" - export ETCD_INITIAL_CLUSTER_STATE=existing - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster-state" "$ETCD_INITIAL_CLUSTER_STATE" - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - if is_boolean_yes "$ETCD_ON_K8S"; then - extra_flags+=("--endpoints=$(etcdctl_get_endpoints)") - etcdctl member update "$member_id" "${extra_flags[@]}" - else - etcd_start_bg - etcdctl member update "$member_id" "${extra_flags[@]}" - etcd_stop - fi - else - info "Member ID wasn't properly stored, the member will try to join the cluster by it's own" - export ETCD_INITIAL_CLUSTER_STATE=existing - [[ -f "$ETCD_CONF_FILE" ]] && etcd_conf_write "initial-cluster-state" "$ETCD_INITIAL_CLUSTER_STATE" - fi - fi - fi - - # For both existing and new deployments, configure RBAC if set - if [[ ${#initial_members[@]} -gt 1 ]]; then - # When there's more than one etcd replica, RBAC should be only enabled in one member - if ! is_empty_value "$ETCD_ROOT_PASSWORD" && [[ "${initial_members[0]}" = *"$ETCD_INITIAL_ADVERTISE_PEER_URLS"* ]]; then - etcd_configure_rbac - else - debug "Skipping RBAC configuration in member $ETCD_NAME" - fi - else - ! is_empty_value "$ETCD_ROOT_PASSWORD" && etcd_configure_rbac - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add self to cluster if not -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# None -######################### -add_self_to_cluster() { - local -a extra_flags - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - # is_healthy_etcd_cluster will also set ETCD_ACTIVE_ENDPOINTS - while ! is_healthy_etcd_cluster; do - warn "Cluster not healthy, not adding self to cluster for now, keeping trying..." - sleep 10 - done - - # only send req to healthy nodes - - if is_empty_value "$(get_member_id)"; then - extra_flags+=("--endpoints=${ETCD_ACTIVE_ENDPOINTS}" "--peer-urls=$ETCD_INITIAL_ADVERTISE_PEER_URLS") - while ! etcdctl member add "$ETCD_NAME" "${extra_flags[@]}" | grep "^ETCD_" >"$ETCD_NEW_MEMBERS_ENV_FILE"; do - warn "Failed to add self to cluster, keeping trying..." - sleep 10 - done - replace_in_file "$ETCD_NEW_MEMBERS_ENV_FILE" "^" "export " - sync -d "$ETCD_NEW_MEMBERS_ENV_FILE" - else - info "Node already in cluster" - fi - info "Loading env vars of existing cluster" - . "$ETCD_NEW_MEMBERS_ENV_FILE" -} - -######################## -# Get this node's member_id in cluster, if not in cluster return empty string -# Globals: -# ETCD_* -# Arguments: -# None -# Returns: -# String -######################### -get_member_id() { - if ! is_boolean_yes "$ETCD_DISABLE_STORE_MEMBER_ID"; then - if [[ ! -s "${ETCD_DATA_DIR}/member_id" ]]; then - echo "" - return 0 - fi - cat "${ETCD_DATA_DIR}/member_id" - return 0 - fi - local ret - local -a extra_flags - - local etcd_active_endpoints=${ETCD_ACTIVE_ENDPOINTS:-} - if is_empty_value "${etcd_active_endpoints}"; then - setup_etcd_active_endpoints >/dev/null 2>&1 - fi - - read -r -a extra_flags <<<"$(etcdctl_auth_flags)" - extra_flags+=("--endpoints=${ETCD_ACTIVE_ENDPOINTS}") - ret=$(etcdctl "${extra_flags[@]}" member list | grep -w "$ETCD_INITIAL_ADVERTISE_PEER_URLS" | awk -F "," '{ print $1 }') - # if not return zero - if is_empty_value "$ret"; then - info "No member id found" - echo "" - else - info "member id: $ret" - echo "$ret" - fi -} diff --git a/bitnami/etcd/3.5/debian-11/tags-info.yaml b/bitnami/etcd/3.5/debian-11/tags-info.yaml deleted file mode 100644 index 4ce44a99d29a..000000000000 --- a/bitnami/etcd/3.5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3.5" -- 3.5-debian-11 -- 3.5.12 -- latest diff --git a/bitnami/express/4/debian-11/Dockerfile b/bitnami/express/4/debian-11/Dockerfile deleted file mode 100644 index 0627698c0d11..000000000000 --- a/bitnami/express/4/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:32:50Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.18.2-debian-11-r195" \ - org.opencontainers.image.title="express" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.18.2" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "express-4.18.2-21-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN mkdir -p /dist /app /.npm /.config /.cache /.local && chmod g+rwX /dist /app /.npm /.config /.cache /.local -RUN /opt/bitnami/scripts/express/postunpack.sh -ENV APP_VERSION="4.18.2" \ - BITNAMI_APP_NAME="express" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/node/bin:/opt/bitnami/express/bin:$PATH" - -EXPOSE 3000 - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/express/entrypoint.sh" ] -CMD [ "npm", "start" ] diff --git a/bitnami/express/4/debian-11/docker-compose.yml b/bitnami/express/4/debian-11/docker-compose.yml deleted file mode 100644 index 049aaee0743a..000000000000 --- a/bitnami/express/4/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - mongodb: - image: docker.io/bitnami/mongodb:7.0 - environment: - - ALLOW_EMPTY_PASSWORD=yes - express: - image: docker.io/bitnami/express:4 - ports: - - '3000:3000' - environment: - - PORT=3000 - - NODE_ENV=development - - DATABASE_URL=mongodb://mongodb:27017/myapp - - EXPRESS_SKIP_DB_WAIT=0 - - EXPRESS_SKIP_DB_MIGRATION=0 - - EXPRESS_SKIP_NPM_INSTALL=0 - - EXPRESS_SKIP_BOWER_INSTALL=0 - volumes: - - './my-project:/app' - depends_on: - - mongodb diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 091c3d5319f6..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "express": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.18.2-21" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/express/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/express/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/express/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/express/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/express/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/express/4/debian-11/rootfs/dist/.dockerignore b/bitnami/express/4/debian-11/rootfs/dist/.dockerignore deleted file mode 100644 index 68a40097b508..000000000000 --- a/bitnami/express/4/debian-11/rootfs/dist/.dockerignore +++ /dev/null @@ -1,4 +0,0 @@ -.git/ -node_modules/ -.gitignore -docker-compose.yml diff --git a/bitnami/express/4/debian-11/rootfs/dist/.gitignore b/bitnami/express/4/debian-11/rootfs/dist/.gitignore deleted file mode 100644 index c2658d7d1b31..000000000000 --- a/bitnami/express/4/debian-11/rootfs/dist/.gitignore +++ /dev/null @@ -1 +0,0 @@ -node_modules/ diff --git a/bitnami/express/4/debian-11/rootfs/dist/Dockerfile.tpl b/bitnami/express/4/debian-11/rootfs/dist/Dockerfile.tpl deleted file mode 100644 index faea55bcde06..000000000000 --- a/bitnami/express/4/debian-11/rootfs/dist/Dockerfile.tpl +++ /dev/null @@ -1,24 +0,0 @@ -## Dockerfile for building production image. -## Consider replacing below rolling tag by a digest or a immutable tag -FROM bitnami/express:{{APP_VERSION}} -LABEL maintainer "John Smith " - -ENV DISABLE_WELCOME_MESSAGE=1 - -ENV NODE_ENV=production \ - PORT=3000 - -# Skip fetching dependencies and database migrations for production image -ENV SKIP_DB_WAIT=0 \ - SKIP_DB_MIGRATION=1 \ - SKIP_NPM_INSTALL=1 \ - SKIP_BOWER_INSTALL=1 - -COPY . /app -RUN sudo chown -R bitnami: /app - -RUN npm install -RUN bower install - -EXPOSE 3000 -CMD ["npm", "start"] diff --git a/bitnami/express/4/debian-11/rootfs/dist/samples/mariadb.js b/bitnami/express/4/debian-11/rootfs/dist/samples/mariadb.js deleted file mode 100644 index f92729774cae..000000000000 --- a/bitnami/express/4/debian-11/rootfs/dist/samples/mariadb.js +++ /dev/null @@ -1,19 +0,0 @@ -/* - Note: Generated by Bitnami: - Configuration file that shows how to use the built in MySQL database in your project. - Based on the examples found here: https://github.com/mysqljs/mysql -*/ - -var mysql = require('mysql') - , assert = require('assert');; - -// Connection URL configured in your docker-compose.yml file -var url = process.env.DATABASE_URL; - -var connection = mysql.createConnection(url); -connection.connect(function(err) { - assert.equal(null, err); - console.log("Connected correctly to MySQL server"); - connection.query('SHOW TABLES;'); - connection.end(); -}); diff --git a/bitnami/express/4/debian-11/rootfs/dist/samples/mongodb.js b/bitnami/express/4/debian-11/rootfs/dist/samples/mongodb.js deleted file mode 100644 index ad668e76ec86..000000000000 --- a/bitnami/express/4/debian-11/rootfs/dist/samples/mongodb.js +++ /dev/null @@ -1,20 +0,0 @@ -/* - Note: Generated by Bitnami: - Configuration file that shows how to use the built in MongoDB database in your project. - Based on the examples found here: https://github.com/mongodb/node-mongodb-native - - If you want to use an ODM instead of barebone Node connections, you can install Mongoose - https://www.npmjs.com/package/mongoose -*/ - -var MongoClient = require('mongodb').MongoClient - , assert = require('assert'); - -// Connection URL configured in your docker-compose.yml file -var url = process.env.DATABASE_URL; - -MongoClient.connect(url, function(err, db) { - assert.equal(null, err); - console.log("Connected correctly to MongoDB server"); - db.close(); -}); diff --git a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express-env.sh b/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express-env.sh deleted file mode 100644 index 24fa9f821769..000000000000 --- a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express-env.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for express - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-express}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -express_env_vars=( - EXPRESS_SKIP_DATABASE_WAIT - EXPRESS_SKIP_DATABASE_MIGRATE - EXPRESS_SKIP_SAMPLE_CODE - EXPRESS_SKIP_NPM_INSTALL - EXPRESS_SKIP_BOWER_INSTALL - EXPRESS_DATABASE_TYPE - EXPRESS_DATABASE_HOST - EXPRESS_DATABASE_PORT_NUMBER - EXPRESS_DEFAULT_MARIADB_DATABASE_PORT_NUMBER - EXPRESS_DEFAULT_MONGODB_DATABASE_PORT_NUMBER - EXPRESS_DEFAULT_MYSQL_DATABASE_PORT_NUMBER - EXPRESS_DEFAULT_POSTGRESQL_DATABASE_PORT_NUMBER - SKIP_DB_WAIT - SKIP_DB_MIGRATE - SKIP_SAMPLE_CODE - SKIP_NPM_INSTALL - SKIP_BOWER_INSTALL -) -for env_var in "${express_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset express_env_vars - -# Express configuration -EXPRESS_SKIP_DATABASE_WAIT="${EXPRESS_SKIP_DATABASE_WAIT:-"${SKIP_DB_WAIT:-}"}" -export EXPRESS_SKIP_DATABASE_WAIT="${EXPRESS_SKIP_DATABASE_WAIT:-no}" -EXPRESS_SKIP_DATABASE_MIGRATE="${EXPRESS_SKIP_DATABASE_MIGRATE:-"${SKIP_DB_MIGRATE:-}"}" -export EXPRESS_SKIP_DATABASE_MIGRATE="${EXPRESS_SKIP_DATABASE_MIGRATE:-no}" -EXPRESS_SKIP_SAMPLE_CODE="${EXPRESS_SKIP_SAMPLE_CODE:-"${SKIP_SAMPLE_CODE:-}"}" -export EXPRESS_SKIP_SAMPLE_CODE="${EXPRESS_SKIP_SAMPLE_CODE:-no}" -EXPRESS_SKIP_NPM_INSTALL="${EXPRESS_SKIP_NPM_INSTALL:-"${SKIP_NPM_INSTALL:-}"}" -export EXPRESS_SKIP_NPM_INSTALL="${EXPRESS_SKIP_NPM_INSTALL:-no}" -EXPRESS_SKIP_BOWER_INSTALL="${EXPRESS_SKIP_BOWER_INSTALL:-"${SKIP_BOWER_INSTALL:-}"}" -export EXPRESS_SKIP_BOWER_INSTALL="${EXPRESS_SKIP_BOWER_INSTALL:-no}" - -# Database configuration -export EXPRESS_DATABASE_TYPE="${EXPRESS_DATABASE_TYPE:-}" -export EXPRESS_DATABASE_HOST="${EXPRESS_DATABASE_HOST:-}" -export EXPRESS_DATABASE_PORT_NUMBER="${EXPRESS_DATABASE_PORT_NUMBER:-}" -export EXPRESS_DEFAULT_MARIADB_DATABASE_PORT_NUMBER="${EXPRESS_DEFAULT_MARIADB_DATABASE_PORT_NUMBER:-3306}" -export EXPRESS_DEFAULT_MONGODB_DATABASE_PORT_NUMBER="${EXPRESS_DEFAULT_MONGODB_DATABASE_PORT_NUMBER:-27017}" -export EXPRESS_DEFAULT_MYSQL_DATABASE_PORT_NUMBER="${EXPRESS_DEFAULT_MYSQL_DATABASE_PORT_NUMBER:-3306}" -export EXPRESS_DEFAULT_POSTGRESQL_DATABASE_PORT_NUMBER="${EXPRESS_DEFAULT_POSTGRESQL_DATABASE_PORT_NUMBER:-5432}" - -# Custom environment variables may be defined below diff --git a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/entrypoint.sh b/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/entrypoint.sh deleted file mode 100755 index 79c41bdb1192..000000000000 --- a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Express environment -. /opt/bitnami/scripts/express-env.sh - -print_welcome_page - -if [[ "$1" = "npm" ]] && [[ "$2" = "run" || "$2" = "start" ]]; then - info "** Running Express setup **" - /opt/bitnami/scripts/express/setup.sh - info "** Express setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/postunpack.sh b/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/postunpack.sh deleted file mode 100755 index 2788b2b05e38..000000000000 --- a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/postunpack.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libexpress.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Express environment -. /opt/bitnami/scripts/express-env.sh - -# Ensure required directories exist -ensure_dir_exists "/app" -configure_permissions_ownership "/app" -d "775" -f "664" diff --git a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/setup.sh b/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/setup.sh deleted file mode 100755 index 105e467be801..000000000000 --- a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/express/setup.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libexpress.sh - -# Load Express environment -. /opt/bitnami/scripts/express-env.sh - -# Ensure Express environment variables are valid -express_validate - -# Ensure Express app is initialized -express_initialize diff --git a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/libexpress.sh b/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/libexpress.sh deleted file mode 100644 index bd39fd3886fa..000000000000 --- a/bitnami/express/4/debian-11/rootfs/opt/bitnami/scripts/libexpress.sh +++ /dev/null @@ -1,187 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Express library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in EXPRESS_* env vars -# Globals: -# EXPRESS_* -# Arguments: -# None -# Returns: -# None -######################### -express_validate() { - info "Validating settings in EXPRESS_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}" && ! is_1_0_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - check_yes_no_value "EXPRESS_SKIP_DATABASE_WAIT" - check_yes_no_value "EXPRESS_SKIP_DATABASE_MIGRATE" - check_yes_no_value "EXPRESS_SKIP_SAMPLE_CODE" - check_yes_no_value "EXPRESS_SKIP_NPM_INSTALL" - check_yes_no_value "EXPRESS_SKIP_BOWER_INSTALL" - - # Autodetect database type and populate environment variables if they were not defined - local -a supported_database_types=("mariadb" "mongodb" "mysql" "postgresql") - if is_empty_value "$EXPRESS_DATABASE_TYPE"; then - warn "EXPRESS_DATABASE_TYPE was not set, the database type will be detected automatically" - for database_type in "${supported_database_types[@]}"; do - if getent hosts "$database_type" >/dev/null; then - debug "Detected database type ${database_type}" - EXPRESS_DATABASE_TYPE="$database_type" - EXPRESS_DATABASE_HOST="${EXPRESS_DATABASE_HOST:-"$database_type"}" - local db_port_var="EXPRESS_DEFAULT_${database_type^^}_DATABASE_PORT_NUMBER" - EXPRESS_DATABASE_PORT_NUMBER="${EXPRESS_DATABASE_PORT_NUMBER:-"${!db_port_var}"}" - break - fi - done - else - check_multi_value "EXPRESS_DATABASE_TYPE" "${supported_database_types[*]}" - fi - - if is_empty_value "$EXPRESS_DATABASE_TYPE"; then - if is_empty_value "$EXPRESS_SKIP_DATABASE_WAIT"; then - print_validation_error "Could not detect database type" - else - warn "Could not detect database type, database support will not be configured" - fi - else - check_resolved_hostname "$EXPRESS_DATABASE_HOST" - check_valid_port "EXPRESS_DATABASE_PORT_NUMBER" - fi - - return "$error_code" -} - -######################## -# Ensure the Express app is initialized -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -express_initialize() { - # Developers use the /app mountpoint - if is_dir_empty "/app"; then - info "Creating Express application in /app" - cd /app || return 1 - debug_execute express . -f - mkdir tmp logs - chmod og+rw -R tmp logs - # Copy .gitignore sample - cp /dist/.gitignore .gitignore - - if ! is_empty_value "$EXPRESS_DATABASE_TYPE"; then - info "Adding database support" - case "$EXPRESS_DATABASE_TYPE" in - mariadb|mysql) - npm ls mysql >/dev/null || debug_execute npm install --save mysql - ;; - mongodb) - npm ls mongodb >/dev/null || debug_execute npm install --save mongodb - ;; - postgresql) - npm ls pg pg-hstore >/dev/null || debug_execute npm install --save pg pg-hstore - ;; - esac - fi - - if is_boolean_yes "$EXPRESS_SKIP_DATABASE_WAIT"; then - info "Not waiting for the database to be available" - else - info "Trying to connect to the database server" - if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${EXPRESS_DATABASE_HOST} ${EXPRESS_DATABASE_PORT_NUMBER}"; then - error "Could not connect to the database" - return 1 - fi - fi - - info "Configuring nodemon support" - debug_execute npm install nodemon --save-dev - replace_in_file package.json '"start".*' '"start": "node ./bin/www", "development": "nodemon ./bin/www"' - - if ! is_boolean_yes "$EXPRESS_SKIP_SAMPLE_CODE"; then - info "Adding dist samples" - cp -r /dist/samples . - fi - - if [[ ! -f Dockerfile ]]; then - info "Adding Dockerfile" - cp /dist/Dockerfile.tpl Dockerfile - sed -i 's/{{APP_VERSION}}/'"$APP_VERSION"'/g' Dockerfile - [[ ! -f bower.json ]] && sed -i '/^RUN bower install/d' Dockerfile - - if [[ ! -f .dockerignore ]]; then - cp /dist/.dockerignore . - fi - fi - - if ! is_boolean_yes "$EXPRESS_SKIP_NPM_INSTALL"; then - info "Installing npm dependencies" - debug_execute npm install - fi - - if ! is_boolean_yes "$EXPRESS_SKIP_BOWER_INSTALL" && [[ -f bower.json ]]; then - info "Installing bower dependencies" - debug_execute bower install - fi - - if ! is_boolean_yes "$EXPRESS_SKIP_DATABASE_MIGRATE" && [[ -f .sequelizerc ]]; then - info "Applying database migrations (sequelize db:migrate)" - debug_execute sequelize db:migrate - fi - else - info "An existing project was detected, skipping project creation" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} diff --git a/bitnami/express/4/debian-11/rootfs/post-init.d/shell.sh b/bitnami/express/4/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/express/4/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/express/4/debian-11/rootfs/post-init.sh b/bitnami/express/4/debian-11/rootfs/post-init.sh deleted file mode 100755 index 68a5c8ad32bd..000000000000 --- a/bitnami/express/4/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/express/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/express/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/express" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/express/.user_scripts_initialized" -fi diff --git a/bitnami/express/4/debian-11/tags-info.yaml b/bitnami/express/4/debian-11/tags-info.yaml deleted file mode 100644 index 6c40ca61facd..000000000000 --- a/bitnami/express/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.18.2 -- latest diff --git a/bitnami/external-dns/0/debian-11/Dockerfile b/bitnami/external-dns/0/debian-11/Dockerfile deleted file mode 100644 index 0720eec57dcf..000000000000 --- a/bitnami/external-dns/0/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:33:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.14.0-debian-11-r27" \ - org.opencontainers.image.title="external-dns" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.14.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "external-dns-0.14.0-7-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.14.0" \ - BITNAMI_APP_NAME="external-dns" \ - PATH="/opt/bitnami/external-dns/bin:$PATH" - -EXPOSE 7979 - -WORKDIR /opt/bitnami/external-dns -USER 1001 -ENTRYPOINT [ "external-dns" ] diff --git a/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0a71d1214e4d..000000000000 --- a/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "external-dns": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.14.0-7" - } -} \ No newline at end of file diff --git a/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/external-dns/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/external-dns/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/external-dns/0/debian-11/tags-info.yaml b/bitnami/external-dns/0/debian-11/tags-info.yaml deleted file mode 100644 index f290cc5e7027..000000000000 --- a/bitnami/external-dns/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.14.0 -- latest diff --git a/bitnami/flink/1/debian-11/Dockerfile b/bitnami/flink/1/debian-11/Dockerfile deleted file mode 100644 index a024218c9e97..000000000000 --- a/bitnami/flink/1/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:09:04Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.18.1-debian-11-r24" \ - org.opencontainers.image.title="flink" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.18.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl gettext libjemalloc2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-11.0.22-12-2-linux-${OS_ARCH}-debian-11" \ - "flink-1.18.1-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/flink/postunpack.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="1.18.1" \ - BITNAMI_APP_NAME="flink" \ - FLINK_HOME="/opt/bitnami/flink" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/flink/bin:$PATH" - -WORKDIR /opt/bitnami/flink -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/flink/entrypoint.sh", "/opt/bitnami/scripts/flink/run.sh" ] diff --git a/bitnami/flink/1/debian-11/docker-compose.yml b/bitnami/flink/1/debian-11/docker-compose.yml deleted file mode 100644 index 07fa410d06a0..000000000000 --- a/bitnami/flink/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - jobmanager: - image: docker.io/bitnami/flink:1 - ports: - - 6123:6123 - - 8081:8081 - environment: - - FLINK_MODE=jobmanager - - FLINK_CFG_REST_BIND__ADDRESS=0.0.0.0 - taskmanager: - image: docker.io/bitnami/flink:1 - ports: - - 6121:6121 - - 6122:6122 - environment: - - FLINK_MODE=taskmanager - - FLINK_JOB_MANAGER_RPC_ADDRESS=jobmanager diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d17541e99aac..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "flink": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.18.1-5" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-2" - } -} \ No newline at end of file diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/flink/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink-env.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink-env.sh deleted file mode 100644 index 483acefa7aff..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink-env.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for flink - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-flink}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -flink_env_vars=( - FLINK_MODE - FLINK_CFG_REST_PORT - FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS - FLINK_PROPERTIES -) -for env_var in "${flink_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset flink_env_vars - -# Paths -export FLINK_BASE_DIR="${BITNAMI_ROOT_DIR}/flink" -export FLINK_BIN_DIR="${FLINK_BASE_DIR}/bin" -export FLINK_WORK_DIR="${FLINK_BASE_DIR}" -export FLINK_LOG_DIR="${FLINK_BASE_DIR}/log" -export FLINK_CONF_DIR="${FLINK_BASE_DIR}/conf" -export FLINK_DEFAULT_CONF_DIR="${FLINK_BASE_DIR}/conf.default" -export FLINK_CONF_FILE="flink-conf.yaml" -export FLINK_CONF_FILE_PATH="${FLINK_CONF_DIR}/${FLINK_CONF_FILE}" -export FLINK_MODE="${FLINK_MODE:-jobmanager}" -export FLINK_CFG_REST_PORT="${FLINK_CFG_REST_PORT:-8081}" -export FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS="${FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS:-$(grep -c ^processor /proc/cpuinfo)}" -export FLINK_PROPERTIES="${FLINK_PROPERTIES:-}" - -# Flink persistence configuration -export FLINK_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/flink" -export FLINK_DATA_TO_PERSIST="conf plugins" - -# Flink system parameters -export FLINK_DAEMON_USER="flink" -export FLINK_DAEMON_GROUP="flink" -export PATH="/opt/bitnami/common/bin:/opt/bitnami/flink/bin:$PATH" - -# Custom environment variables may be defined below diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/entrypoint.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/entrypoint.sh deleted file mode 100755 index 571db759c2c6..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache Flink environment variables -. /opt/bitnami/scripts/flink-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/flink/conf) -debug "Copying files from $FLINK_DEFAULT_CONF_DIR to $FLINK_CONF_DIR" -cp -nfr "$FLINK_DEFAULT_CONF_DIR"/. "$FLINK_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/flink/run.sh" ]]; then - info "** Starting Apache Flink ${FLINK_MODE} setup **" - /opt/bitnami/scripts/flink/setup.sh - info "** FLINK ${FLINK_MODE} setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/postunpack.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/postunpack.sh deleted file mode 100755 index 2c9d139286a6..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/postunpack.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Flink environment variables -. /opt/bitnami/scripts/flink-env.sh - - -# Create directories -dirs=( - "${FLINK_WORK_DIR}" - "${FLINK_CONF_DIR}" - "${FLINK_DEFAULT_CONF_DIR}" - "${FLINK_VOLUME_DIR}" -) - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$FLINK_DAEMON_USER" --group "$FLINK_DAEMON_GROUP" - -for dir in "${dirs[@]}"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -done - -# Set up execution permissions for /bin folder -ensure_dir_exists "${FLINK_WORK_DIR}/bin" -configure_permissions_ownership "${FLINK_WORK_DIR}/bin" -d "775" -f "775" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${FLINK_CONF_DIR}/"* "$FLINK_DEFAULT_CONF_DIR" \ No newline at end of file diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/run.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/run.sh deleted file mode 100755 index e049b618d0c9..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/run.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libflink.sh - -# Load Apache Flink environment variables -. /opt/bitnami/scripts/flink-env.sh - -# Declare commands env vars -export COMMAND_STANDALONE="standalone-job" -export COMMAND_HISTORY_SERVER="history-server" - -declare cmd -declare -a args=("") - -cd "${FLINK_BASE_DIR}" || exit 1 - -# If nothing is provided as '$@', this assignation throws -# an unbound variable error for Bash versions < 4.4. -# https://git.savannah.gnu.org/cgit/bash.git/tree/CHANGES?id=3ba697465bc74fab513a26dea700cc82e9f4724e#n878 -if [[ "$#" -gt 0 ]]; then - args=("${@:1}") -fi - -if [[ "$FLINK_MODE" = "help" ]]; then - # shellcheck disable=SC2059 - printf "Available flink modes: $(basename "$0") jobmanager,${COMMAND_STANDALONE},taskmanager,${COMMAND_HISTORY_SERVER}\n" - # shellcheck disable=SC2059 - printf "Usage: FLINK_MODE=(jobmanager|${COMMAND_STANDALONE}|taskmanager|${COMMAND_HISTORY_SERVER})\n\n" - printf "By default, the Apache Flink Packaged by Bitnami image will run in jobmanager mode.\n" - printf "Also, by default, Apache Flink Packaged by Bitnami image adopts jemalloc as default memory allocator. This behavior can be disabled by setting the 'DISABLE_JEMALLOC' environment variable to 'true'.\n" - exit 0 -elif [[ "$FLINK_MODE" = "jobmanager" ]]; then - - info "** Starting Apache Flink Job Manager" - - cmd="$FLINK_HOME/bin/jobmanager.sh" - args=("start-foreground" "${args[@]}") -elif [[ "$FLINK_MODE" = "${COMMAND_STANDALONE}" ]]; then - - info "** Starting Apache Flink Job Manager" - - cmd="$FLINK_HOME/bin/standalone-job.sh" - args=("start-foreground" "${args[@]}") -elif [[ "$FLINK_MODE" = "${COMMAND_HISTORY_SERVER}" ]]; then - - info "** Starting Apache Flink History Server" - - cmd="$FLINK_HOME/bin/historyserver.sh" - args=("start-foreground" "${args[@]}") -elif [[ "$FLINK_MODE" = "taskmanager" ]]; then - - info "** Starting Apache Flink Task Manager" - - cmd="$FLINK_HOME/bin/taskmanager.sh" - args=("start-foreground" "${args[@]}") -else - error "Flink mode not recognized" - exit 1 -fi - -# Running command -if am_i_root; then - exec_as_user "$FLINK_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/setup.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/setup.sh deleted file mode 100755 index 3644f66a3d35..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/flink/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libflink.sh - -# Load Apache Flink environment variables -. /opt/bitnami/scripts/flink-env.sh - -# Ensure Flink environment variables are valid -flink_validate - -# Ensure Flink is initialized -flink_initialize diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/libflink.sh b/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/libflink.sh deleted file mode 100644 index d6c6aecc4d60..000000000000 --- a/bitnami/flink/1/debian-11/rootfs/opt/bitnami/scripts/libflink.sh +++ /dev/null @@ -1,217 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache Flink library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Set a config option into the Flink configuration specified file. -# Globals: -# FLINK_* -# Arguments: -# $1 - Property -# $2 - Value -# Returns: -# None -######################### -flink_set_config_option() { - local option=$1 - local value=$2 - - # escape periods for usage in regular expressions - # shellcheck disable=SC2001 - # shellcheck disable=SC2155 - local escaped_option=$(echo "${option}" | sed -e "s/\./\\\./g") - - # either override an existing entry, or append a new one - if grep -E "^${escaped_option}:.*" "${FLINK_CONF_FILE_PATH}" > /dev/null; then - replace_in_file "$FLINK_CONF_FILE_PATH" "${escaped_option}:.*" "${option}: ${value}" - else - echo "${option}: ${value}" >> "${FLINK_CONF_FILE_PATH}" - fi -} - -######################## -# Validate settings in FLINK_* env vars -# Globals: -# FLINK_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -flink_validate() { - debug "Validating settings in FLINK_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_valid_positive_int() { - local -r port_var="${1:?missing port variable}" - local err - if ! err="$(is_positive_int "${port_var}")"; then - print_validation_error "An invalid positive integer was specified in the environment variable ${port_var}: ${err}." - fi - } - - check_valid_positive_int "$FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS" - - return "$error_code" -} - -######################## -# Configure Flink configuration files from environment variables -# Globals: -# FLINK_* -# Arguments: -# None -# Returns: -# None -######################### -flink_configure_from_environment_variables() { - # Map environment variables to config properties - for var in "${!FLINK_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^FLINK_CFG_//g' -e 's/__/\-/g' | sed -e 's/^FLINK_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - # Exception for the camel case in this environment variable - [[ "$var" == "FLINK_CFG_HIGH__AVAILABILITY_STORAGE_DIR" ]] && key="high-availability.storageDir" - - value="${!var}" - flink_set_config_option "$key" "$value" - done -} - -######################## -# Initialize Flink configuration -# Globals: -# FLINK_* -# Arguments: -# None -# Returns: -# None -######################### -flink_initialize() { - local -r app_name="flink" - - flink_setup_jemalloc - - if ! is_app_initialized "$app_name"; then - # Ensure Discourse persisted directories exist (i.e. when a volume has been mounted to /bitnami) - info "Ensuring Flink directories exist" - ensure_dir_exists "$FLINK_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$FLINK_VOLUME_DIR" -d "775" -f "664" -u "$FLINK_DAEMON_USER" -g "$FLINK_DAEMON_GROUP" - - flink_prepare_configuration - - info "Persisting Flink installation" - persist_app "$app_name" "$FLINK_DATA_TO_PERSIST" - else - info "Restoring persisted Flink installation" - restore_persisted_app "$app_name" "$FLINK_DATA_TO_PERSIST" - fi -} - -######################## -# Prepare basic configuration options -# Globals: -# FLINK_* -# Arguments: -# None -# Returns: -# None -######################### -flink_prepare_configuration() { - # Emulate upstream logic and initial config - flink_set_config_option blob.server.port 6124 - flink_set_config_option query.server.port 6125 - - if [[ -n "${FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS}" ]]; then - flink_set_config_option taskmanager.numberOfTaskSlots "${FLINK_TASK_MANAGER_NUMBER_OF_TASK_SLOTS}" - fi - - if [[ -n "${FLINK_PROPERTIES}" ]]; then - echo "${FLINK_PROPERTIES}" >> "${FLINK_CONF_FILE_PATH}" - fi - - flink_configure_from_environment_variables - - envsubst < "${FLINK_CONF_FILE_PATH}" > "${FLINK_CONF_FILE_PATH}.tmp" && mv "${FLINK_CONF_FILE_PATH}.tmp" "${FLINK_CONF_FILE_PATH}" -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Configure jemalloc path (ignored if flink-env.sh is mounted) -# Globals: -# FLINK_* -# Arguments: -# None -# Returns: -# None -######################### -flink_setup_jemalloc() { - if [[ -n "$(find_jemalloc_lib)" ]]; then - # shellcheck disable=SC2155 - export LD_PRELOAD=$(find_jemalloc_lib) - else - warn "Couldn't find jemalloc installed. Skipping jemalloc configuration." - fi -} - -######################## -# Check if Flink daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_flink_running() { - local -r pid="$(get_pid_from_file "$FLINK_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Flink daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_flink_not_running() { - ! is_flink_running -} diff --git a/bitnami/flink/1/debian-11/tags-info.yaml b/bitnami/flink/1/debian-11/tags-info.yaml deleted file mode 100644 index 235690a8afff..000000000000 --- a/bitnami/flink/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.18.1 -- latest diff --git a/bitnami/fluent-bit/2/debian-11/Dockerfile b/bitnami/fluent-bit/2/debian-11/Dockerfile deleted file mode 100644 index 3c7d503730b1..000000000000 --- a/bitnami/fluent-bit/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:38:58Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.2.2-debian-11-r22" \ - org.opencontainers.image.title="fluent-bit" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.2.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 libgcrypt20 libgpg-error0 liblz4-1 liblzma5 libsasl2-2 libssl1.1 libsystemd0 libyaml-0-2 libzstd1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluent-bit-2.2.2-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN chown -R 1001:1001 /opt/bitnami/fluent-bit - -ENV APP_VERSION="2.2.2" \ - BITNAMI_APP_NAME="fluent-bit" \ - PATH="/opt/bitnami/fluent-bit/bin:$PATH" - -EXPOSE 2020 - -WORKDIR /opt/bitnami/fluent-bit -USER 1001 -ENTRYPOINT [ "fluent-bit" ] -CMD [ "-c", "/opt/bitnami/fluent-bit/conf/fluent-bit.conf" ] diff --git a/bitnami/fluent-bit/2/debian-11/docker-compose.yml b/bitnami/fluent-bit/2/debian-11/docker-compose.yml deleted file mode 100644 index 498d4699b3f0..000000000000 --- a/bitnami/fluent-bit/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - fluent-bit: - image: docker.io/bitnami/fluent-bit:2 - ports: - - '2020:2020' diff --git a/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a16b0e4cd023..000000000000 --- a/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluent-bit": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.2.2-2" - } -} \ No newline at end of file diff --git a/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluent-bit/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluent-bit/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluent-bit/2/debian-11/tags-info.yaml b/bitnami/fluent-bit/2/debian-11/tags-info.yaml deleted file mode 100644 index a64c0bcaa86c..000000000000 --- a/bitnami/fluent-bit/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.2.2 -- latest diff --git a/bitnami/fluentd/1/debian-11/Dockerfile b/bitnami/fluentd/1/debian-11/Dockerfile deleted file mode 100644 index d0bd0271f97d..000000000000 --- a/bitnami/fluentd/1/debian-11/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:40:18Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.16.3-debian-11-r24" \ - org.opencontainers.image.title="fluentd" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.16.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libgcc-s1 libjemalloc-dev libreadline-dev libreadline8 libssl-dev libssl1.1 libstdc++6 libtinfo6 libyaml-dev procps sqlite3 zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ruby-3.1.4-10-linux-${OS_ARCH}-debian-11" \ - "fluentd-1.16.3-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/fluentd/postunpack.sh -ENV APP_VERSION="1.16.3" \ - BITNAMI_APP_NAME="fluentd" \ - GEM_HOME="/opt/bitnami/fluentd" \ - PATH="/opt/bitnami/ruby/bin:/opt/bitnami/fluentd/bin:$PATH" - -EXPOSE 5140 24224 - -WORKDIR /opt/bitnami/fluentd -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/fluentd/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/fluentd/run.sh" ] diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 549a81d13b0a..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "fluentd": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.3-2" - }, - "ruby": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.1.4-10" - } -} \ No newline at end of file diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluentd/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/fluentd/conf/fluentd.conf b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/fluentd/conf/fluentd.conf deleted file mode 100644 index b50a86252896..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/fluentd/conf/fluentd.conf +++ /dev/null @@ -1,36 +0,0 @@ - - @type forward - @id input1 - @label @mainstream - port 24224 - - - - @type stdout - - - - -# Include config files in the ./config.d directory -@include config.d/*.conf \ No newline at end of file diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/entrypoint.sh b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/entrypoint.sh deleted file mode 100755 index 17f1b5b71bf1..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libfluentd.sh -. /opt/bitnami/scripts/libbitnami.sh - -# Load Fluentd environment -eval "$(fluentd_env)" - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/fluentd/run.sh"* ]]; then - info "** Starting Fluentd setup **" - /opt/bitnami/scripts/fluentd/setup.sh - info "** Fluentd setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/postunpack.sh b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/postunpack.sh deleted file mode 100755 index 79a73552dd25..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/postunpack.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -. /opt/bitnami/scripts/libfluentd.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Fluentd environment -eval "$(fluentd_env)" - -for subdir in "gems" "specifications" "cache" "doc"; do - ensure_dir_exists "$FLUENTD_BASE_DIR/$subdir" - chmod -R g+rwX "$FLUENTD_BASE_DIR/$subdir" -done - -for dir in "$FLUENTD_CONF_DIR" "$FLUENTD_LOG_DIR" "$FLUENTD_PLUGINS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fluentd requires the /tmp directory to not be world-writable -# This ensures the sticky bit (t) is set -chmod +t /tmp diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/run.sh b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/run.sh deleted file mode 100755 index 29469dc4f603..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/run.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libfluentd.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Fluentd environment -eval "$(fluentd_env)" - -EXEC="$(command -v fluentd)" -args=("--config" "${FLUENTD_CONF_DIR}/${FLUENTD_CONF:-fluentd.conf}" "--plugin" "$FLUENTD_PLUGINS_DIR") - -# extra command line flags -if [[ -n "$FLUENTD_OPT" ]]; then - read -r -a envExtraFlags <<< "$FLUENTD_OPT" - args+=("${envExtraFlags[@]}") -fi - -info "** Starting Fluentd **" -if am_i_root && [[ "$FLUENTD_DAEMON_USER" != "root" ]]; then - info "Switching daemon from root to $FLUENTD_DAEMON_USER..." - exec_as_user "$FLUENTD_DAEMON_USER" "$EXEC" "${args[@]}" -else - exec "$EXEC" "${args[@]}" -fi diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/setup.sh b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/setup.sh deleted file mode 100755 index 4502ba123057..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/fluentd/setup.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfluentd.sh - -# Load Fluentd environment -eval "$(fluentd_env)" - -if am_i_root && [[ "$FLUENTD_DAEMON_USER" != "root" ]]; then - debug "Ensuring $FLUENTD_DAEMON_USER:$FLUENTD_DAEMON_GROUP has ownership of required directories..." - # Ensure fluentd user and group exist when running as 'root' - ensure_user_exists "$FLUENTD_DAEMON_USER" --group "$FLUENTD_DAEMON_GROUP" - - # Ensure FLUENTD_DAEMON_USER has directory level permissions for installing fluentd plugins - for subdir in "gems" "specifications" "cache" "doc"; do - ensure_dir_exists "$FLUENTD_BASE_DIR/$subdir" - chown "$FLUENTD_DAEMON_USER:$FLUENTD_DAEMON_GROUP" "$FLUENTD_BASE_DIR/$subdir" - done - - # Ensure required directories exist and have the right persmissions - for dir in "$FLUENTD_LOG_DIR" "$FLUENTD_PLUGINS_DIR"; do - ensure_dir_exists "$dir" - chown "$FLUENTD_DAEMON_USER:$FLUENTD_DAEMON_GROUP" "$dir" - done -fi - -fluentd_custom_init_scripts diff --git a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/libfluentd.sh b/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/libfluentd.sh deleted file mode 100644 index 74b887540d93..000000000000 --- a/bitnami/fluentd/1/debian-11/rootfs/opt/bitnami/scripts/libfluentd.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Fluentd library - -# shellcheck disable=SC1090,SC1091 - -######################## -# Load global variables used on Fluentd configuration. -# Globals: -# FLUENTD_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -fluentd_env() { - cat <<"EOF" -# Bitnami debug -export MODULE=fluentd -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export FLUENTD_BASE_DIR="/opt/bitnami/fluentd" -export FLUENTD_BIN_DIR="${FLUENTD_BASE_DIR}/bin" -export FLUENTD_CONF_DIR="${FLUENTD_BASE_DIR}/conf" -export FLUENTD_LOG_DIR="${FLUENTD_BASE_DIR}/logs" -export FLUENTD_PLUGINS_DIR="${FLUENTD_BASE_DIR}/plugins" -export FLUENTD_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# Users -export FLUENTD_DAEMON_USER="${FLUENTD_DAEMON_USER:-fluentd}" -export FLUENTD_DAEMON_GROUP="${FLUENTD_DAEMON_GROUP:-fluentd}" - -# Configuration -export FLUENTD_CONF="${FLUENTD_CONF:-}" -export FLUENTD_OPT="${FLUENTD_OPT:-}" -EOF -} - -######################## -# Run custom initialization scripts -# Globals: -# FLUENTD_* -# Arguments: -# None -# Returns: -# None -######################### -fluentd_custom_init_scripts() { - if [[ -n $(find "${FLUENTD_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $FLUENTD_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - find "${FLUENTD_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - rm -f "$tmp_file" - else - info "No custom scripts in $FLUENTD_INITSCRIPTS_DIR" - fi -} diff --git a/bitnami/fluentd/1/debian-11/tags-info.yaml b/bitnami/fluentd/1/debian-11/tags-info.yaml deleted file mode 100644 index 278df8920ebf..000000000000 --- a/bitnami/fluentd/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.16.3 -- latest diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/Dockerfile b/bitnami/fluxcd-helm-controller/0/debian-11/Dockerfile deleted file mode 100644 index 5ff4b66fda20..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:42:52Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.37.4-debian-11-r20" \ - org.opencontainers.image.title="fluxcd-helm-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.37.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluxcd-helm-controller-0.37.4-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root fluxcd-helm-controller -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.37.4" \ - BITNAMI_APP_NAME="fluxcd-helm-controller" \ - PATH="/opt/bitnami/fluxcd-helm-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/fluxcd-helm-controller/bin/helm-controller" ] diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0c6539079f0d..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluxcd-helm-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.37.4-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-helm-controller/0/debian-11/tags-info.yaml b/bitnami/fluxcd-helm-controller/0/debian-11/tags-info.yaml deleted file mode 100644 index d8a2ae0bb4a3..000000000000 --- a/bitnami/fluxcd-helm-controller/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.37.4 -- latest diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/Dockerfile b/bitnami/fluxcd-image-automation-controller/0/debian-11/Dockerfile deleted file mode 100644 index ae5e61339701..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:43:51Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.37.1-debian-11-r20" \ - org.opencontainers.image.title="fluxcd-image-automation-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.37.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluxcd-image-automation-controller-0.37.1-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root fluxcd-image-automation-controll -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.37.1" \ - BITNAMI_APP_NAME="fluxcd-image-automation-controller" \ - PATH="/opt/bitnami/fluxcd-image-automation-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/fluxcd-image-automation-controller/bin/image-automation-controller" ] diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 5311389606e2..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluxcd-image-automation-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.37.1-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-image-automation-controller/0/debian-11/tags-info.yaml b/bitnami/fluxcd-image-automation-controller/0/debian-11/tags-info.yaml deleted file mode 100644 index 46ecb1b62ca7..000000000000 --- a/bitnami/fluxcd-image-automation-controller/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.37.1 -- latest diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/Dockerfile b/bitnami/fluxcd-image-reflector-controller/0/debian-11/Dockerfile deleted file mode 100644 index 0e854b810392..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:46:52Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.31.2-debian-11-r21" \ - org.opencontainers.image.title="fluxcd-image-reflector-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.31.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluxcd-image-reflector-controller-0.31.2-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root fluxcd-image-reflector-controlle -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.31.2" \ - BITNAMI_APP_NAME="fluxcd-image-reflector-controller" \ - PATH="/opt/bitnami/fluxcd-image-reflector-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/fluxcd-image-reflector-controller/bin/image-reflector-controller" ] diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 68cae5462bd8..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluxcd-image-reflector-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.31.2-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-image-reflector-controller/0/debian-11/tags-info.yaml b/bitnami/fluxcd-image-reflector-controller/0/debian-11/tags-info.yaml deleted file mode 100644 index 1fea0a5b1178..000000000000 --- a/bitnami/fluxcd-image-reflector-controller/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.31.2 -- latest diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/Dockerfile b/bitnami/fluxcd-kustomize-controller/1/debian-11/Dockerfile deleted file mode 100644 index c472aac3236d..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:17:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.2.2-debian-11-r19" \ - org.opencontainers.image.title="fluxcd-kustomize-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.2.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git gnupg openssh-client procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluxcd-kustomize-controller-1.2.2-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root fluxcd-kustomize-controller -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.2.2" \ - BITNAMI_APP_NAME="fluxcd-kustomize-controller" \ - PATH="/opt/bitnami/fluxcd-kustomize-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/fluxcd-kustomize-controller/bin/kustomize-controller" ] diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 784d0ce41ed9..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluxcd-kustomize-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.2.2-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-kustomize-controller/1/debian-11/tags-info.yaml b/bitnami/fluxcd-kustomize-controller/1/debian-11/tags-info.yaml deleted file mode 100644 index d6f2323b3962..000000000000 --- a/bitnami/fluxcd-kustomize-controller/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.2.2 -- latest diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/Dockerfile b/bitnami/fluxcd-notification-controller/1/debian-11/Dockerfile deleted file mode 100644 index 07c7cc0f423b..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:58:06Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.2.4-debian-11-r21" \ - org.opencontainers.image.title="fluxcd-notification-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.2.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "fluxcd-notification-controller-1.2.4-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root fluxcd-notification-controller -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.2.4" \ - BITNAMI_APP_NAME="fluxcd-notification-controller" \ - PATH="/opt/bitnami/fluxcd-notification-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/fluxcd-notification-controller/bin/notification-controller" ] diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b7f6dc528496..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "fluxcd-notification-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.2.4-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-notification-controller/1/debian-11/tags-info.yaml b/bitnami/fluxcd-notification-controller/1/debian-11/tags-info.yaml deleted file mode 100644 index 49613146fe7d..000000000000 --- a/bitnami/fluxcd-notification-controller/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.2.4 -- latest diff --git a/bitnami/fluxcd-source-controller/1/debian-11/Dockerfile b/bitnami/fluxcd-source-controller/1/debian-11/Dockerfile deleted file mode 100644 index 787963f423e5..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T01:42:14Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.2.4-debian-11-r20" \ - org.opencontainers.image.title="flux" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.2.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "flux-1.2.4-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root flux -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.2.4" \ - BITNAMI_APP_NAME="flux" \ - PATH="/opt/bitnami/flux/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/flux/bin/source-controller" ] diff --git a/bitnami/fluxcd-source-controller/1/debian-11/docker-compose.yml b/bitnami/fluxcd-source-controller/1/debian-11/docker-compose.yml deleted file mode 100644 index 7f547b51467b..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,8 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - fluxcd-source-controller: - image: diff --git a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2d67b854c4cd..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "flux": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.2.4-2" - } -} \ No newline at end of file diff --git a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/fluxcd-source-controller/1/debian-11/tags-info.yaml b/bitnami/fluxcd-source-controller/1/debian-11/tags-info.yaml deleted file mode 100644 index 49613146fe7d..000000000000 --- a/bitnami/fluxcd-source-controller/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.2.4 -- latest diff --git a/bitnami/ghost/5/debian-11/Dockerfile b/bitnami/ghost/5/debian-11/Dockerfile deleted file mode 100644 index 6febe312ffc3..000000000000 --- a/bitnami/ghost/5/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:00:19Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.79.4-debian-11-r0" \ - org.opencontainers.image.title="ghost" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.79.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl jq libaudit1 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libicu67 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncurses6 libncursesw6 libnsl2 libpam0g libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 libxml2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "mysql-client-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - "ghost-5.79.4-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/ghost/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APP_VERSION="5.79.4" \ - BITNAMI_APP_NAME="ghost" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/node/bin:/opt/bitnami/mysql/bin:/opt/bitnami/ghost/bin:$PATH" - -EXPOSE 2368 3000 - -WORKDIR /opt/bitnami/ghost -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ghost/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ghost/run.sh" ] diff --git a/bitnami/ghost/5/debian-11/docker-compose.yml b/bitnami/ghost/5/debian-11/docker-compose.yml deleted file mode 100644 index 7d5af242538e..000000000000 --- a/bitnami/ghost/5/debian-11/docker-compose.yml +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mysql: - image: docker.io/bitnami/mysql:8.0 - volumes: - - 'mysql_data:/bitnami/mysql' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MYSQL_USER=bn_ghost - - MYSQL_DATABASE=bitnami_ghost - ghost: - image: docker.io/bitnami/ghost:5 - ports: - - '80:2368' - volumes: - - 'ghost_data:/bitnami/ghost' - depends_on: - - mysql - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - GHOST_DATABASE_HOST=mysql - - GHOST_DATABASE_PORT_NUMBER=3306 - - GHOST_DATABASE_USER=bn_ghost - - GHOST_DATABASE_NAME=bitnami_ghost -volumes: - mysql_data: - driver: local - ghost_data: - driver: local diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e372a9f901e0..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "ghost": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.79.4-0" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ghost/5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_group b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_group deleted file mode 100644 index 60c3f318a1be..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_group +++ /dev/null @@ -1 +0,0 @@ -ghost:x:0: diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_passwd b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_passwd deleted file mode 100644 index 7b3a57a16acd..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/ghost/nss-wrapper/nss_passwd +++ /dev/null @@ -1 +0,0 @@ -ghost:x:1001:0:Ghost:/home/ghost:/bin/false diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost-env.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost-env.sh deleted file mode 100644 index 50152d95bc3b..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost-env.sh +++ /dev/null @@ -1,136 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ghost - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ghost}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ghost_env_vars=( - GHOST_DATA_TO_PERSIST - GHOST_ENABLE_HTTPS - GHOST_EXTERNAL_HTTP_PORT_NUMBER - GHOST_EXTERNAL_HTTPS_PORT_NUMBER - GHOST_HOST - GHOST_PORT_NUMBER - GHOST_BLOG_TITLE - GHOST_SKIP_BOOTSTRAP - GHOST_USERNAME - GHOST_PASSWORD - GHOST_EMAIL - GHOST_SMTP_HOST - GHOST_SMTP_PORT_NUMBER - GHOST_SMTP_USER - GHOST_SMTP_PASSWORD - GHOST_SMTP_PROTOCOL - GHOST_DATABASE_HOST - GHOST_DATABASE_PORT_NUMBER - GHOST_DATABASE_NAME - GHOST_DATABASE_USER - GHOST_DATABASE_PASSWORD - GHOST_DATABASE_ENABLE_SSL - GHOST_DATABASE_SSL_CA_FILE - BLOG_TITLE - SMTP_HOST - SMTP_PORT - GHOST_SMTP_PORT - SMTP_USER - SMTP_PASSWORD - SMTP_PROTOCOL - MYSQL_HOST - MYSQL_PORT_NUMBER - MYSQL_DATABASE_NAME - MYSQL_DATABASE_USER - MYSQL_DATABASE_PASSWORD -) -for env_var in "${ghost_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ghost_env_vars - -# Paths -export GHOST_BASE_DIR="${BITNAMI_ROOT_DIR}/ghost" -export GHOST_BIN_DIR="${GHOST_BASE_DIR}/bin" -export GHOST_LOG_FILE="${GHOST_BASE_DIR}/content/logs/ghost.log" -export GHOST_CONF_FILE="${GHOST_BASE_DIR}/config.production.json" -export GHOST_PID_FILE="${GHOST_BASE_DIR}/.ghostpid" -export PATH="${GHOST_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${BITNAMI_ROOT_DIR}/node/bin:${PATH}" - -# Ghost persistence configuration -export GHOST_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ghost" -export GHOST_DATA_TO_PERSIST="${GHOST_DATA_TO_PERSIST:-content config.production.json}" - -# System users (when running with a privileged user) -export GHOST_DAEMON_USER="ghost" -export GHOST_DAEMON_GROUP="ghost" - -# Ghost configuration -export GHOST_ENABLE_HTTPS="${GHOST_ENABLE_HTTPS:-no}" # only used during the first initialization -export GHOST_EXTERNAL_HTTP_PORT_NUMBER="${GHOST_EXTERNAL_HTTP_PORT_NUMBER:-80}" # only used during the first initialization -export GHOST_EXTERNAL_HTTPS_PORT_NUMBER="${GHOST_EXTERNAL_HTTPS_PORT_NUMBER:-443}" # only used during the first initialization -export GHOST_HOST="${GHOST_HOST:-localhost}" # only used during the first initialization -export GHOST_DEFAULT_PORT_NUMBER="2368" # only used at build time -export GHOST_PORT_NUMBER="${GHOST_PORT_NUMBER:-}" # only used during the first initialization -GHOST_BLOG_TITLE="${GHOST_BLOG_TITLE:-"${BLOG_TITLE:-}"}" -export GHOST_BLOG_TITLE="${GHOST_BLOG_TITLE:-"User's blog"}" # only used during the first initialization -export GHOST_SKIP_BOOTSTRAP="${GHOST_SKIP_BOOTSTRAP:-}" # only used during the first initialization - -# Ghost credentials -export GHOST_USERNAME="${GHOST_USERNAME:-user}" # only used during the first initialization -export GHOST_PASSWORD="${GHOST_PASSWORD:-bitnami123}" # only used during the first initialization -export GHOST_EMAIL="${GHOST_EMAIL:-user@example.com}" # only used during the first initialization - -# Ghost SMTP credentials -GHOST_SMTP_HOST="${GHOST_SMTP_HOST:-"${SMTP_HOST:-}"}" -export GHOST_SMTP_HOST="${GHOST_SMTP_HOST:-}" # only used during the first initialization -GHOST_SMTP_PORT_NUMBER="${GHOST_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}" -GHOST_SMTP_PORT_NUMBER="${GHOST_SMTP_PORT_NUMBER:-"${GHOST_SMTP_PORT:-}"}" -export GHOST_SMTP_PORT_NUMBER="${GHOST_SMTP_PORT_NUMBER:-}" # only used during the first initialization -GHOST_SMTP_USER="${GHOST_SMTP_USER:-"${SMTP_USER:-}"}" -export GHOST_SMTP_USER="${GHOST_SMTP_USER:-}" # only used during the first initialization -GHOST_SMTP_PASSWORD="${GHOST_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}" -export GHOST_SMTP_PASSWORD="${GHOST_SMTP_PASSWORD:-}" # only used during the first initialization -GHOST_SMTP_PROTOCOL="${GHOST_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}" -export GHOST_SMTP_PROTOCOL="${GHOST_SMTP_PROTOCOL:-}" # only used during the first initialization - -# Database configuration -export GHOST_DEFAULT_DATABASE_HOST="mysql" # only used at build time -GHOST_DATABASE_HOST="${GHOST_DATABASE_HOST:-"${MYSQL_HOST:-}"}" -export GHOST_DATABASE_HOST="${GHOST_DATABASE_HOST:-$GHOST_DEFAULT_DATABASE_HOST}" # only used during the first initialization -GHOST_DATABASE_PORT_NUMBER="${GHOST_DATABASE_PORT_NUMBER:-"${MYSQL_PORT_NUMBER:-}"}" -export GHOST_DATABASE_PORT_NUMBER="${GHOST_DATABASE_PORT_NUMBER:-3306}" # only used during the first initialization -GHOST_DATABASE_NAME="${GHOST_DATABASE_NAME:-"${MYSQL_DATABASE_NAME:-}"}" -export GHOST_DATABASE_NAME="${GHOST_DATABASE_NAME:-bitnami_ghost}" # only used during the first initialization -GHOST_DATABASE_USER="${GHOST_DATABASE_USER:-"${MYSQL_DATABASE_USER:-}"}" -export GHOST_DATABASE_USER="${GHOST_DATABASE_USER:-bn_ghost}" # only used during the first initialization -GHOST_DATABASE_PASSWORD="${GHOST_DATABASE_PASSWORD:-"${MYSQL_DATABASE_PASSWORD:-}"}" -export GHOST_DATABASE_PASSWORD="${GHOST_DATABASE_PASSWORD:-}" # only used during the first initialization -export GHOST_DATABASE_ENABLE_SSL="${GHOST_DATABASE_ENABLE_SSL:-no}" # only used during the first initialization -export GHOST_DATABASE_SSL_CA_FILE="${GHOST_DATABASE_SSL_CA_FILE:-}" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/entrypoint.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/entrypoint.sh deleted file mode 100755 index c5da9b517b51..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/entrypoint.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Ghost environment -. /opt/bitnami/scripts/ghost-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="ghost" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - echo "ghost:x:$(id -u):$(id -g):Ghost:/home/ghost:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "ghost:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -if [[ "$1" = "/opt/bitnami/scripts/ghost/run.sh" ]]; then - /opt/bitnami/scripts/mysql-client/setup.sh - /opt/bitnami/scripts/ghost/setup.sh - /post-init.sh - info "** Ghost setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/postunpack.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/postunpack.sh deleted file mode 100755 index d6a1ba42488e..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Ghost environment -. /opt/bitnami/scripts/ghost-env.sh - -# Load libraries -. /opt/bitnami/scripts/libghost.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -# Ensure the Ghost base directory exists and has proper permissions -info "Configuring file permissions for Ghost" -# Ghost CLI creates a configuration file in the system user home directory: /home/ghost/.ghost/config -ensure_user_exists "$GHOST_DAEMON_USER" --group "$GHOST_DAEMON_GROUP" --system --home "/home/$GHOST_DAEMON_USER" - -declare -a writable_dirs=( - # Skipping GHOST_BASE_DIR intentionally because it contains a lot of files/folders that should not be writable - "$GHOST_VOLUME_DIR" - # Folders to persist - "${GHOST_BASE_DIR}/content" - # Folders that need to be writable for the app to work - "/.ghost" - "${GHOST_BASE_DIR}/content/logs" -) - -for dir in "${writable_dirs[@]}"; do - ensure_dir_exists "$dir" - # Use ghost:root ownership for compatibility when running as a non-root user - # Due to a limitation in "ghost start" and "ghost doctor" commands which doesn't check - # if the user has writing permissions properly, we need to set 777/666 permissions which - # is clearly a limitation in terms of security - configure_permissions_ownership "$dir" -d "777" -f "666" -u "$GHOST_DAEMON_USER" -g "root" -done -# Provide write permissions in installation directory (without doing it recursively) -chmod a+rwX "$GHOST_BASE_DIR" "${GHOST_BASE_DIR}/.ghost-cli" && chown "${GHOST_DAEMON_USER}:root" "$GHOST_BASE_DIR" "${GHOST_BASE_DIR}/.ghost-cli" diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/run.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/run.sh deleted file mode 100755 index 4db2181547d5..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/run.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Ghost environment -. /opt/bitnami/scripts/ghost-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libghost.sh - -# Constants -declare -a args=("run" "$@") - -info "** Starting Ghost **" -cd "$GHOST_BASE_DIR" || false -if am_i_root; then - exec_as_user "$GHOST_DAEMON_USER" ghost "${args[@]}" -else - exec ghost "${args[@]}" -fi diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/setup.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/setup.sh deleted file mode 100755 index 74a57f4b6a77..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Ghost environment -. /opt/bitnami/scripts/ghost-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute' (after 'ghost-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libghost.sh - -# Ensure Ghost environment variables are valid -ghost_validate - -# Ensure Ghost is initialized -ghost_initialize diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/updatehost.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/updatehost.sh deleted file mode 100755 index cebd3a223a3d..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/ghost/updatehost.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Ghost environment -. /opt/bitnami/scripts/ghost-env.sh - -# Load libraries -. /opt/bitnami/scripts/libghost.sh - -DOMAIN="${1:?missing host}" - -# Configure host -ghost_configure_host "$DOMAIN" diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libghost.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libghost.sh deleted file mode 100644 index af2a4df09164..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libghost.sh +++ /dev/null @@ -1,463 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Ghost library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libservice.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Check if Ghost is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_ghost_running() { - local pid - - pgrep -f "^ghost" >"$GHOST_PID_FILE" - pid="$(get_pid_from_file "$GHOST_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Ghost is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_ghost_not_running() { - ! is_ghost_running -} - -######################## -# Stop Ghost -# Arguments: -# None -# Returns: -# None -######################### -ghost_stop() { - is_ghost_not_running && return - - info "Stopping Ghost" - cd "$GHOST_BASE_DIR" || return 1 - if am_i_root; then - debug_execute run_as_user "$GHOST_DAEMON_USER" ghost stop - else - debug_execute ghost stop - fi -} - -######################## -# Start Ghost in background -# Arguments: -# None -# Returns: -# None -######################### -ghost_start_bg() { - is_ghost_running && return - - info "Starting Ghost in background" - cd "$GHOST_BASE_DIR" || return 1 - if am_i_root; then - touch "$GHOST_LOG_FILE" - configure_permissions_ownership "$GHOST_LOG_FILE" -u "$GHOST_DAEMON_USER" -g "$GHOST_DAEMON_GROUP" - run_as_user "$GHOST_DAEMON_USER" ghost start --no-enable >>"$GHOST_LOG_FILE" 2>&1 - else - ghost start --no-enable >>"$GHOST_LOG_FILE" 2>&1 - fi - wait_for_log_entry "Your admin interface is located at" "$GHOST_LOG_FILE" - sleep 5 -} - -######################## -# Validate settings in GHOST_* env vars -# Globals: -# GHOST_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -ghost_validate() { - debug "Validating settings in GHOST_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - check_empty_value "GHOST_HOST" - ! is_empty_value "$GHOST_ENABLE_HTTPS" && check_yes_no_value "GHOST_ENABLE_HTTPS" - ! is_empty_value "$GHOST_SKIP_BOOTSTRAP" && check_yes_no_value "GHOST_SKIP_BOOTSTRAP" - ! is_empty_value "$GHOST_DATABASE_HOST" && check_resolved_hostname "$GHOST_DATABASE_HOST" - ! is_empty_value "$GHOST_DATABASE_PORT_NUMBER" && check_valid_port "GHOST_DATABASE_PORT_NUMBER" - - # Validate SSL configuration - ! is_empty_value "$GHOST_DATABASE_ENABLE_SSL" && check_yes_no_value "GHOST_DATABASE_ENABLE_SSL" - - # Validate credentials - check_empty_value "GHOST_PASSWORD" - # ref: https://github.com/TryGhost/Ghost/issues/9150 - if ((${#GHOST_PASSWORD} < 10)); then - print_validation_error "The admin password must be at least 10 characters long. Set the environment variable GHOST_PASSWORD with a longer value" - fi - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - else - is_empty_value "$GHOST_DATABASE_PASSWORD" && print_validation_error "The GHOST_DATABASE_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - - # Validate SMTP credentials - if ! is_empty_value "$GHOST_SMTP_HOST"; then - for empty_env_var in "GHOST_SMTP_USER" "GHOST_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - is_empty_value "$GHOST_SMTP_PORT_NUMBER" && print_validation_error "The GHOST_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$GHOST_SMTP_PORT_NUMBER" && check_valid_port "GHOST_SMTP_PORT_NUMBER" - ! is_empty_value "$GHOST_SMTP_PROTOCOL" && check_multi_value "GHOST_SMTP_PROTOCOL" "ssl tls" - fi - - return "$error_code" -} - -######################## -# Add or modify an entry in the Ghost configuration file -# Globals: -# GHOST_* -# Arguments: -# $1 - Variable name -# $2 - Value to assign to the variable -# $3 - YAML type (string, int, bool or json) -# Returns: -# None -######################### -ghost_conf_set() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - case "$type" in - string) - jq "(.${key}) |= \"${value}\"" "$GHOST_CONF_FILE" > "$tempfile" - ;; - int) - jq "(.${key}) |= (${value} | tonumber)" "$GHOST_CONF_FILE" > "$tempfile" - ;; - bool) - jq "(.${key}) |= (\"${value}\" | test(\"true\"))" "$GHOST_CONF_FILE" > "$tempfile" - ;; - json) - jq "(.${key}) |= ${value}" "$GHOST_CONF_FILE" > "$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$GHOST_CONF_FILE" -} - -######################## -# Get an entry from the Parse configuration file -# Globals: -# GHOST_* -# Arguments: -# $1 - Variable name -# Returns: -# None -######################### -ghost_conf_get() { - local -r key="${1:?key missing}" - debug "Getting ${key} from Ghost configuration" - jq -r ".${key}" "$GHOST_CONF_FILE" -} - -######################## -# Ensure Ghost is initialized -# Globals: -# GHOST_* -# Arguments: -# None -# Returns: -# None -######################### -ghost_initialize() { - # Check if Ghost has already been initialized and persisted in a previous run - local -r app_name="ghost" - local -r port="${GHOST_PORT_NUMBER:-"$GHOST_DEFAULT_PORT_NUMBER"}" - - if ! is_app_initialized "$app_name"; then - # Ensure Ghost persisted directories exist (i.e. when a volume has been mounted to /bitnami) - info "Ensuring Ghost directories exist" - ensure_dir_exists "$GHOST_VOLUME_DIR" - # Use ghost:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$GHOST_VOLUME_DIR" -d "775" -f "664" -u "$GHOST_DAEMON_USER" -g "root" - info "Trying to connect to the database server" - ghost_wait_for_mysql_connection "$GHOST_DATABASE_HOST" "$GHOST_DATABASE_PORT_NUMBER" "$GHOST_DATABASE_NAME" "$GHOST_DATABASE_USER" "$GHOST_DATABASE_PASSWORD" - # Configure database - info "Configuring database" - jq -n -r \ - --arg host "$GHOST_DATABASE_HOST" \ - --arg port "$GHOST_DATABASE_PORT_NUMBER" \ - --arg database "$GHOST_DATABASE_NAME" \ - --arg user "$GHOST_DATABASE_USER" \ - --arg password "$GHOST_DATABASE_PASSWORD" \ - '{ - "database": { - "client": "mysql", - "connection": { - host: $host, - port: $port|tonumber, - database: $database, - user: $user, - password: $password, - ssl: false - } - } - }' > "$GHOST_CONF_FILE" - - if ! is_empty_value "$GHOST_DATABASE_SSL_CA_FILE"; then - ca_json="{\"ca\": \"$(cat "${GHOST_DATABASE_SSL_CA_FILE}")\"}" - ghost_conf_set "database.connection.ssl" "$ca_json" "json" - elif is_boolean_yes "$GHOST_DATABASE_ENABLE_SSL"; then - ghost_conf_set "database.connection.ssl" true "bool" - fi - - am_i_root && chown "${GHOST_DAEMON_USER}:root" "$GHOST_CONF_FILE" - if ! is_boolean_yes "$GHOST_SKIP_BOOTSTRAP"; then - # Setup Ghost - # ref: https://ghost.org/docs/ghost-cli/#ghost-setup - info "Setting up Ghost" - cd "$GHOST_BASE_DIR" || false - local base_url - base_url="$(ghost_base_url "$GHOST_HOST")" - local -a setup_flags=( - "--no-setup-ssl" "--no-setup-nginx" "--no-setup-mysql" - "--no-setup-systemd" "--no-setup-linux-user" - "--url" "$base_url" - "--ip" "0.0.0.0" - "--port" "$port" - "--log" "file" - "--process" "local" "--no-prompt" "--no-start" "--no-enable" - ) - if am_i_root; then - debug_execute run_as_user "$GHOST_DAEMON_USER" ghost setup "${setup_flags[@]}" - else - debug_execute ghost setup "${setup_flags[@]}" - fi - # Configure Host - ghost_configure_host "$GHOST_HOST" - # Configure smtp - # https://ghost.org/docs/config/#mail - if ! is_empty_value "$GHOST_SMTP_HOST"; then - info "Configuring SMTP settings" - ghost_conf_set "mail.from" "$GHOST_EMAIL" - ghost_conf_set "mail.transport" "SMTP" - ghost_conf_set "mail.options.host" "$GHOST_SMTP_HOST" - ghost_conf_set "mail.options.port" "$GHOST_SMTP_PORT_NUMBER" "int" - ghost_conf_set "mail.options.secureConnection" "$([[ "$GHOST_SMTP_PROTOCOL" = "ssl" || "$GHOST_SMTP_PROTOCOL" = "tls" ]] && echo "true" || echo "false")" "bool" - ghost_conf_set "mail.options.auth.user" "$GHOST_SMTP_USER" - ghost_conf_set "mail.options.auth.pass" "$GHOST_SMTP_PASSWORD" - fi - # Configure Admin account - ghost_pass_wizard - mv "$GHOST_LOG_FILE" "${GHOST_BASE_DIR}/content/logs/ghost.setup.log" - else - info "An already initialized Ghost database was provided, configuration will be skipped" - fi - - info "Persisting Ghost installation" - persist_app "$app_name" "$GHOST_DATA_TO_PERSIST" - else - info "Restoring persisted Ghost installation" - restore_persisted_app "$app_name" "$GHOST_DATA_TO_PERSIST" - info "Trying to connect to the database server" - local db_host db_port db_name db_user db_pass - db_host="$(ghost_conf_get "database.connection.host")" - db_port="$(ghost_conf_get "database.connection.port")" - db_name="$(ghost_conf_get "database.connection.database")" - db_user="$(ghost_conf_get "database.connection.user")" - db_pass="$(ghost_conf_get "database.connection.password")" - ghost_wait_for_mysql_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -ghost_wait_for_mysql_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Create Ghost user and set Ghost blog title passing the wizard -# Globals: -# GHOST_* -# Arguments: -# None -# Returns: -# true if the wizard succeeded, false otherwise -######################### -ghost_pass_wizard() { - local -r port="${GHOST_PORT_NUMBER:-"$GHOST_DEFAULT_PORT_NUMBER"}" - local wizard_url curl_output - local -a curl_opts curl_data_opts - - info "Passing admin user creation wizard" - # Ghost API reference: https://ghost.org/docs/admin-api/ - wizard_url="http://127.0.0.1:${port}/ghost/api/v3/admin/authentication/setup/" - curl_opts=( - "--silent" - "-H" "Content-Type: application/json" - "-H" "Cache-Control: no-cache" - ) - # Ensure Ghost is started - ghost_start_bg - # User creation & Blog Title configuration - data="$( - jq '.' </dev/null)" - debug_execute echo "$curl_output" - if [[ "$curl_output" != *"\"id\":\"1\",\"name\":\"${GHOST_USERNAME}\""* ]]; then - error "An error occurred while installing Ghost" - return 1 - fi - # Stop Ghost afterwards - ghost_stop -} - -######################### -# Returns Ghost base URL -# Globals: -# GHOST_* -# Arguments: -# $1 - host -# Returns: -# String -######################### -ghost_base_url() { - local host="${1:?missing host}" - local scheme - - if is_boolean_yes "$GHOST_ENABLE_HTTPS"; then - scheme="https" - [[ "$GHOST_EXTERNAL_HTTPS_PORT_NUMBER" != "443" ]] && host+=":${GHOST_EXTERNAL_HTTPS_PORT_NUMBER}" - else - scheme="http" - [[ "$GHOST_EXTERNAL_HTTP_PORT_NUMBER" != "80" ]] && host+=":${GHOST_EXTERNAL_HTTP_PORT_NUMBER}" - fi - echo "${scheme}://${host}" -} - -######################### -# Configure Ghost host -# Globals: -# GHOST_* -# Arguments: -# $1 - host -# Returns: -# None -######################### -ghost_configure_host() { - local -r host="${1:?missing host}" - local base_url - - base_url="$(ghost_base_url "$host")" - info "Configuring Ghost URL to ${base_url}" - ghost_conf_set "url" "$base_url" -} diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh deleted file mode 100644 index fc8e6ee12d28..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ /dev/null @@ -1,1094 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in MYSQL_CLIENT_* environment variables -# Globals: -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_validate() { - info "Validating settings in MYSQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Only validate environment variables if any action needs to be performed - check_yes_no_value "MYSQL_CLIENT_ENABLE_SSL_WRAPPER" - check_multi_value "MYSQL_CLIENT_FLAVOR" "mariadb mysql" - - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && [[ -z "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - if [[ "${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ "${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_initialize() { - # Wrap binary to force the usage of SSL - if is_boolean_yes "$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"; then - mysql_client_wrap_binary_for_ssl - fi - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Trying to connect to the database server" - check_mysql_connection() { - echo "SELECT 1" | mysql_execute "mysql" "$MYSQL_CLIENT_DATABASE_ROOT_USER" "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" "-h" "$MYSQL_CLIENT_DATABASE_HOST" "-P" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]]; then - info "Creating database user ${MYSQL_CLIENT_CREATE_DATABASE_USER}" - local -a args=("$MYSQL_CLIENT_CREATE_DATABASE_USER" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD") - [[ -n "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" ]] && args+=("--auth-plugin" "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN") - mysql_ensure_optional_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Creating database ${MYSQL_CLIENT_CREATE_DATABASE_NAME}" - local -a createdb_args=("$MYSQL_CLIENT_CREATE_DATABASE_NAME" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && createdb_args+=("-u" "$MYSQL_CLIENT_CREATE_DATABASE_USER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" ]] && createdb_args+=("--character-set" "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" ]] && createdb_args+=("--collate" "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" ]] && createdb_args+=("--privileges" "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES") - mysql_ensure_optional_database_exists "${createdb_args[@]}" - fi -} - -######################## -# Wrap binary to force the usage of SSL -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_wrap_binary_for_ssl() { - local wrapper_file="${DB_BIN_DIR}/mysql" - # In MySQL Client 10.6, mysql is a link to the mariadb binary - if [[ -f "${DB_BIN_DIR}/mariadb" ]]; then - wrapper_file="${DB_BIN_DIR}/mariadb" - fi - local -r wrapped_binary_file="${DB_BASE_DIR}/.bin/mysql" - local -a ssl_opts=() - read -r -a ssl_opts <<<"$(mysql_client_extra_opts)" - - mv "$wrapper_file" "$wrapped_binary_file" - cat >"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh deleted file mode 100644 index 5220ed4ea36d..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mysql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mysql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mysql_env_vars=( - MYSQL_CLIENT_FLAVOR - ALLOW_EMPTY_PASSWORD - MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN - MYSQL_CLIENT_DATABASE_HOST - MYSQL_CLIENT_DATABASE_PORT_NUMBER - MYSQL_CLIENT_DATABASE_ROOT_USER - MYSQL_CLIENT_DATABASE_ROOT_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_NAME - MYSQL_CLIENT_CREATE_DATABASE_USER - MYSQL_CLIENT_CREATE_DATABASE_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET - MYSQL_CLIENT_CREATE_DATABASE_COLLATE - MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES - MYSQL_CLIENT_ENABLE_SSL_WRAPPER - MYSQL_CLIENT_ENABLE_SSL - MYSQL_CLIENT_SSL_CA_FILE - MYSQL_CLIENT_SSL_CERT_FILE - MYSQL_CLIENT_SSL_KEY_FILE - MYSQL_CLIENT_EXTRA_FLAGS - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_HOST - MARIADB_PORT_NUMBER - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD -) -for env_var in "${mysql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mysql_env_vars -export MYSQL_CLIENT_FLAVOR="${MYSQL_CLIENT_FLAVOR:-mariadb}" -export DB_FLAVOR="$MYSQL_CLIENT_FLAVOR" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mysql" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mysql" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/bin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# MySQL client configuration -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-"${MARIADB_AUTHENTICATION_PLUGIN:-}"}" -export MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" -MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-"${MARIADB_HOST:-}"}" -export MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-mariadb}" -export DB_HOST="$MYSQL_CLIENT_DATABASE_HOST" -MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}" -export MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-3306}" -export DB_PORT_NUMBER="$MYSQL_CLIENT_DATABASE_PORT_NUMBER" -MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-"${MARIADB_ROOT_USER:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-root}" -export DB_ROOT_USER="$MYSQL_CLIENT_DATABASE_ROOT_USER" # only used during the first initialization -MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-"${MARIADB_ROOT_PASSWORD:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_NAME="${MYSQL_CLIENT_CREATE_DATABASE_NAME:-}" -export DB_CREATE_DATABASE_NAME="$MYSQL_CLIENT_CREATE_DATABASE_NAME" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_USER="${MYSQL_CLIENT_CREATE_DATABASE_USER:-}" -export DB_CREATE_DATABASE_USER="$MYSQL_CLIENT_CREATE_DATABASE_USER" -export MYSQL_CLIENT_CREATE_DATABASE_PASSWORD="${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" -export DB_CREATE_DATABASE_PASSWORD="$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" -export MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET="${MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET:-}" -export DB_CREATE_DATABASE_CHARACTER_SET="$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" -export MYSQL_CLIENT_CREATE_DATABASE_COLLATE="${MYSQL_CLIENT_CREATE_DATABASE_COLLATE:-}" -export DB_CREATE_DATABASE_COLLATE="$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" -export MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES="${MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES:-}" -export DB_CREATE_DATABASE_PRIVILEGES="$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" -export MYSQL_CLIENT_ENABLE_SSL_WRAPPER="${MYSQL_CLIENT_ENABLE_SSL_WRAPPER:-no}" -export DB_ENABLE_SSL_WRAPPER="$MYSQL_CLIENT_ENABLE_SSL_WRAPPER" -export MYSQL_CLIENT_ENABLE_SSL="${MYSQL_CLIENT_ENABLE_SSL:-no}" -export DB_ENABLE_SSL="$MYSQL_CLIENT_ENABLE_SSL" -export MYSQL_CLIENT_SSL_CA_FILE="${MYSQL_CLIENT_SSL_CA_FILE:-}" -export DB_SSL_CA_FILE="$MYSQL_CLIENT_SSL_CA_FILE" -export MYSQL_CLIENT_SSL_CERT_FILE="${MYSQL_CLIENT_SSL_CERT_FILE:-}" -export DB_SSL_CERT_FILE="$MYSQL_CLIENT_SSL_CERT_FILE" -export MYSQL_CLIENT_SSL_KEY_FILE="${MYSQL_CLIENT_SSL_KEY_FILE:-}" -export DB_SSL_KEY_FILE="$MYSQL_CLIENT_SSL_KEY_FILE" -export MYSQL_CLIENT_EXTRA_FLAGS="${MYSQL_CLIENT_EXTRA_FLAGS:-no}" -export DB_EXTRA_FLAGS="$MYSQL_CLIENT_EXTRA_FLAGS" - -# Custom environment variables may be defined below diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh deleted file mode 100755 index 79ec6ad52f2d..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -for dir in "$DB_BIN_DIR" "${DB_BASE_DIR}/.bin"; do - ensure_dir_exists "$dir" - chmod g+rwX "$dir" -done diff --git a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh b/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh deleted file mode 100755 index 13a2e13861ab..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmysqlclient.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -# Ensure MySQL Client environment variables settings are valid -mysql_client_validate -# Ensure MySQL Client is initialized -mysql_client_initialize diff --git a/bitnami/ghost/5/debian-11/rootfs/post-init.d/shell.sh b/bitnami/ghost/5/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/ghost/5/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/ghost/5/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/ghost/5/debian-11/rootfs/post-init.sh b/bitnami/ghost/5/debian-11/rootfs/post-init.sh deleted file mode 100755 index 559127033f2c..000000000000 --- a/bitnami/ghost/5/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/ghost/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/ghost/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/ghost" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/ghost/.user_scripts_initialized" -fi diff --git a/bitnami/ghost/5/debian-11/tags-info.yaml b/bitnami/ghost/5/debian-11/tags-info.yaml deleted file mode 100644 index f5e2039b9134..000000000000 --- a/bitnami/ghost/5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "5" -- 5-debian-11 -- 5.79.4 -- latest diff --git a/bitnami/git/2/debian-11/Dockerfile b/bitnami/git/2/debian-11/Dockerfile deleted file mode 100644 index c65dfc1cca05..000000000000 --- a/bitnami/git/2/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:25:08Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.43.2-debian-11-r6" \ - org.opencontainers.image.title="git" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.43.2" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git-lfs less libbrotli1 libcom-err2 libcurl4 libffi7 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 libnettle8 libnghttp2-14 libp11-kit0 libpsl5 librtmp1 libsasl2-2 libssh2-1 libssl1.1 libtasn1-6 libunistring2 procps ssh zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "git-2.43.2-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN rm -f /etc/ssh/ssh_host_* > /dev/null 2>&1 && \ - chmod g+w /etc/ssh -ENV APP_VERSION="2.43.2" \ - BITNAMI_APP_NAME="git" \ - NSS_WRAPPER_LIB="/opt/bitnami/common/lib/libnss_wrapper.so" \ - PATH="/opt/bitnami/git/bin:$PATH" - -ENTRYPOINT [ "/opt/bitnami/scripts/git/entrypoint.sh" ] -CMD [ "/bin/bash" ] diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ebb59bc9bfd1..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "git": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.43.2-0" - } -} \ No newline at end of file diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/git/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/git/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/git/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/git/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/git/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/git/2/debian-11/rootfs/opt/bitnami/scripts/git/entrypoint.sh b/bitnami/git/2/debian-11/rootfs/opt/bitnami/scripts/git/entrypoint.sh deleted file mode 100755 index ca17c4626338..000000000000 --- a/bitnami/git/2/debian-11/rootfs/opt/bitnami/scripts/git/entrypoint.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Configure NSS wrapper -if ! am_i_root; then - export LNAME="git" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if ! user_exists "$(id -u)" && [[ -f "$LD_PRELOAD" ]]; then - # shellcheck disable=SC2155 - export NSS_WRAPPER_PASSWD="$(mktemp)" - # shellcheck disable=SC2155 - export NSS_WRAPPER_GROUP="$(mktemp)" - echo "git:x:$(id -u):$(id -g):Git:${HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "git:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - fi -fi - -# Generate new SSH key pairs if they don't exist -if [[ ! -f /etc/ssh/ssh_host_rsa_key ]]; then - ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" <</dev/null 2>&1 -fi - -if [[ ! -f /etc/ssh/ssh_host_ecdsa_key ]]; then - ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" <</dev/null 2>&1 -fi - -if [[ ! -f /etc/ssh/ssh_host_ed25519_key ]]; then - ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" <</dev/null 2>&1 -fi - -[ "$#" -eq 0 ] || exec "$@" diff --git a/bitnami/git/2/debian-11/tags-info.yaml b/bitnami/git/2/debian-11/tags-info.yaml deleted file mode 100644 index c785fa5e143a..000000000000 --- a/bitnami/git/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.43.2 -- latest diff --git a/bitnami/gitea/1/debian-11/Dockerfile b/bitnami/gitea/1/debian-11/Dockerfile deleted file mode 100644 index b5aee22c4c5f..000000000000 --- a/bitnami/gitea/1/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:02:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.21.5-debian-11-r21" \ - org.opencontainers.image.title="gitea" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.21.5" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl git procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "gitea-1.21.5-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/gitea/postunpack.sh -ENV APP_VERSION="1.21.5" \ - BITNAMI_APP_NAME="gitea" \ - NSS_WRAPPER_LIB="/opt/bitnami/common/lib/libnss_wrapper.so" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/gitea/bin:$PATH" - -EXPOSE 2222 3000 - -WORKDIR /opt/bitnami/gitea -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/gitea/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/gitea/run.sh" ] diff --git a/bitnami/gitea/1/debian-11/docker-compose.yml b/bitnami/gitea/1/debian-11/docker-compose.yml deleted file mode 100644 index 4855163d1ab2..000000000000 --- a/bitnami/gitea/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:16 - volumes: - - 'postgresql_data:/bitnami/postgresql' - environment: - - POSTGRESQL_DATABASE=bitnami_gitea - - POSTGRESQL_USERNAME=bn_gitea - - POSTGRESQL_PASSWORD=bitnami1 - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - gitea: - image: docker.io/bitnami/gitea:1 - volumes: - - 'gitea_data:/bitnami/gitea' - environment: - - GITEA_DATABASE_HOST=postgresql - - GITEA_DATABASE_NAME=bitnami_gitea - - GITEA_DATABASE_USERNAME=bn_gitea - - GITEA_DATABASE_PASSWORD=bitnami1 - ports: - - '3000:3000' - - '2222:2222' -volumes: - postgresql_data: - driver: local - gitea_data: - driver: local diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 20b47023a320..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "gitea": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.21.5-2" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/gitea/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/custom/conf/app.ini.template b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/custom/conf/app.ini.template deleted file mode 100644 index dd2fb1805d80..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/custom/conf/app.ini.template +++ /dev/null @@ -1,54 +0,0 @@ -APP_NAME = {{GITEA_APP_NAME}} -RUN_USER = {{GITEA_DAEMON_USER}} -RUN_MODE = {{GITEA_RUN_MODE}} - -[repository] -ROOT = {{GITEA_REPO_ROOT_PATH}} - -[repository.local] -LOCAL_COPY_PATH ={{GITEA_TMP_DIR}}/local-repo - -[repository.upload] -TEMP_PATH = {{GITEA_TMP_DIR}}/uploads - -[database] -DB_TYPE = {{GITEA_DATABASE_TYPE}} -HOST = {{GITEA_DATABASE_HOST}}:{{GITEA_DATABASE_PORT_NUMBER}} -NAME = {{GITEA_DATABASE_NAME}} -USER = {{GITEA_DATABASE_USERNAME}} -PASSWD = {{GITEA_DATABASE_PASSWORD}} - -[server] -DOMAIN = {{GITEA_DOMAIN}} -HTTP_PORT = {{GITEA_HTTP_PORT}} -PROTOCOL = {{GITEA_PROTOCOL}} -ROOT_URL = {{GITEA_ROOT_URL}} -APP_DATA_PATH = {{GITEA_DATA_DIR}} -DISABLE_SSH = false -START_SSH_SERVER = true -SSH_PORT = {{GITEA_SSH_PORT}} -SSH_LISTEN_PORT = {{GITEA_SSH_LISTEN_PORT}} -SSH_DOMAIN = {{GITEA_SSH_DOMAIN}} -BUILTIN_SSH_SERVER_USER = gitea -LFS_START_SERVER = {{GITEA_LFS_START_SERVER}} - -[mailer] -ENABLED = {{GITEA_SMTP_ENABLED}} - -[session] -PROVIDER_CONFIG = {{GITEA_DATA_DIR}}/sessions - -[picture] -AVATAR_UPLOAD_PATH = {{GITEA_DATA_DIR}}/avatars -REPOSITORY_AVATAR_UPLOAD_PATH = {{GITEA_DATA_DIR}}/repo-avatars - -[attachment] -PATH = {{GITEA_DATA_DIR}}/attachments - -[log] -ROOT_PATH = {{GITEA_LOG_ROOT_PATH}} - -[security] -PASSWORD_HASH_ALGO = {{GITEA_PASSWORD_HASH_ALGO}} -REVERSE_PROXY_LIMIT = 1 -REVERSE_PROXY_TRUSTED_PROXIES = * diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_group b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_group deleted file mode 100644 index e2c16090793e..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_group +++ /dev/null @@ -1 +0,0 @@ -gitea:x:0: diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_passwd b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_passwd deleted file mode 100644 index 1bcce518cc2b..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/gitea/nss-wrapper/nss_passwd +++ /dev/null @@ -1 +0,0 @@ -gitea:x:1001:0:Gitea:/opt/bitnami/gitea:/bin/false diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea-env.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea-env.sh deleted file mode 100644 index 7cf9171bd39c..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea-env.sh +++ /dev/null @@ -1,130 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for gitea - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-gitea}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -gitea_env_vars=( - GITEA_REPO_ROOT_PATH - GITEA_LFS_ROOT_PATH - GITEA_LOG_ROOT_PATH - GITEA_LOG_MODE - GITEA_LOG_ROUTER - GITEA_ADMIN_USER - GITEA_ADMIN_PASSWORD - GITEA_ADMIN_EMAIL - GITEA_APP_NAME - GITEA_RUN_MODE - GITEA_DOMAIN - GITEA_SSH_DOMAIN - GITEA_SSH_LISTEN_PORT - GITEA_SSH_PORT - GITEA_HTTP_PORT - GITEA_PROTOCOL - GITEA_ROOT_URL - GITEA_PASSWORD_HASH_ALGO - GITEA_LFS_START_SERVER - GITEA_DATABASE_TYPE - GITEA_DATABASE_HOST - GITEA_DATABASE_PORT_NUMBER - GITEA_DATABASE_NAME - GITEA_DATABASE_USERNAME - GITEA_DATABASE_PASSWORD - GITEA_DATABASE_SSL_MODE - GITEA_DATABASE_SCHEMA - GITEA_DATABASE_CHARSET - GITEA_SMTP_ENABLED - GITEA_SMTP_HOST - GITEA_SMTP_PORT - GITEA_SMTP_FROM - GITEA_SMTP_USER - GITEA_SMTP_PASSWORD -) -for env_var in "${gitea_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset gitea_env_vars - -# Paths -export GITEA_BASE_DIR="${BITNAMI_ROOT_DIR}/gitea" -export GITEA_WORK_DIR="${GITEA_BASE_DIR}" -export GITEA_CUSTOM_DIR="${GITEA_BASE_DIR}/custom" -export GITEA_TMP_DIR="${GITEA_BASE_DIR}/tmp" -export GITEA_DATA_DIR="${GITEA_WORK_DIR}/data" -export GITEA_CONF_DIR="${GITEA_CUSTOM_DIR}/conf" -export GITEA_CONF_FILE="${GITEA_CONF_DIR}/app.ini" -export GITEA_PID_FILE="${GITEA_TMP_DIR}/gitea.pid" - -# Gitea persistence configuration -export GITEA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/gitea" -export GITEA_DATA_TO_PERSIST="${GITEA_CONF_FILE} data" - -# Gitea configuration parameters -export GITEA_REPO_ROOT_PATH="${GITEA_REPO_ROOT_PATH:-${GITEA_DATA_DIR}/git/repositories}" -export GITEA_LFS_ROOT_PATH="${GITEA_LFS_ROOT_PATH:-}" -export GITEA_LOG_ROOT_PATH="${GITEA_LOG_ROOT_PATH:-${GITEA_TMP_DIR}/log}" -export GITEA_LOG_MODE="${GITEA_LOG_MODE:-}" -export GITEA_LOG_ROUTER="${GITEA_LOG_ROUTER:-}" -export GITEA_ADMIN_USER="${GITEA_ADMIN_USER:-bn_user}" -export GITEA_ADMIN_PASSWORD="${GITEA_ADMIN_PASSWORD:-bitnami}" -export GITEA_ADMIN_EMAIL="${GITEA_ADMIN_EMAIL:-user@bitnami.org}" -export GITEA_APP_NAME="${GITEA_APP_NAME:-Gitea: Git with a cup of tea}" -export GITEA_RUN_MODE="${GITEA_RUN_MODE:-prod}" -export GITEA_DOMAIN="${GITEA_DOMAIN:-localhost}" -export GITEA_SSH_DOMAIN="${GITEA_SSH_DOMAIN:-${GITEA_DOMAIN}}" -export GITEA_SSH_LISTEN_PORT="${GITEA_SSH_LISTEN_PORT:-2222}" -export GITEA_SSH_PORT="${GITEA_SSH_PORT:-${GITEA_SSH_LISTEN_PORT}}" -export GITEA_HTTP_PORT="${GITEA_HTTP_PORT:-3000}" -export GITEA_PROTOCOL="${GITEA_PROTOCOL:-http}" -export GITEA_ROOT_URL="${GITEA_ROOT_URL:-${GITEA_PROTOCOL}://${GITEA_DOMAIN}:${GITEA_HTTP_PORT}}" -export GITEA_PASSWORD_HASH_ALGO="${GITEA_PASSWORD_HASH_ALGO:-pbkdf2}" -export GITEA_LFS_START_SERVER="${GITEA_LFS_START_SERVER:-false}" -export GITEA_DATABASE_TYPE="${GITEA_DATABASE_TYPE:-postgres}" -export GITEA_DATABASE_HOST="${GITEA_DATABASE_HOST:-postgresql}" -export GITEA_DATABASE_PORT_NUMBER="${GITEA_DATABASE_PORT_NUMBER:-5432}" -export GITEA_DATABASE_NAME="${GITEA_DATABASE_NAME:-bitnami_gitea}" -export GITEA_DATABASE_USERNAME="${GITEA_DATABASE_USERNAME:-bn_gitea}" -export GITEA_DATABASE_PASSWORD="${GITEA_DATABASE_PASSWORD:-}" -export GITEA_DATABASE_SSL_MODE="${GITEA_DATABASE_SSL_MODE:-disable}" -export GITEA_DATABASE_SCHEMA="${GITEA_DATABASE_SCHEMA:-}" -export GITEA_DATABASE_CHARSET="${GITEA_DATABASE_CHARSET:-utf8}" -export GITEA_SMTP_ENABLED="${GITEA_SMTP_ENABLED:-false}" -export GITEA_SMTP_HOST="${GITEA_SMTP_HOST:-}" -export GITEA_SMTP_PORT="${GITEA_SMTP_PORT:-}" -export GITEA_SMTP_FROM="${GITEA_SMTP_FROM:-}" -export GITEA_SMTP_USER="${GITEA_SMTP_USER:-}" -export GITEA_SMTP_PASSWORD="${GITEA_SMTP_PASSWORD:-}" - -# Gitea system parameters -export GITEA_DAEMON_USER="gitea" -export GITEA_DAEMON_GROUP="gitea" -export PATH="/opt/bitnami/common/bin:/opt/bitnami/gitea/bin:$PATH" - -# Custom environment variables may be defined below diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/entrypoint.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/entrypoint.sh deleted file mode 100755 index 46c89224b805..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/entrypoint.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Gitea environment variables -. /opt/bitnami/scripts/gitea-env.sh - -print_welcome_page - -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="gitea" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - if [[ "$HOME" == "/" ]]; then - export HOME=/opt/bitnami/gitea - fi - echo "gitea:x:$(id -u):$(id -g):gitea:${HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "gitea:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -if [[ "$1" = "/opt/bitnami/scripts/gitea/run.sh" ]]; then - info "** Starting Gitea setup **" - /opt/bitnami/scripts/gitea/setup.sh - info "** Gitea setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/postunpack.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/postunpack.sh deleted file mode 100755 index 103436c89172..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Gitea environment variables -. /opt/bitnami/scripts/gitea-env.sh - -# System User -ensure_user_exists "$GITEA_DAEMON_USER" --group "$GITEA_DAEMON_GROUP" --system - -# Create directories -dirs=( - "${GITEA_WORK_DIR}" - "${GITEA_CUSTOM_DIR}" - "${GITEA_DATA_DIR}" - "${GITEA_TMP_DIR}" - "${GITEA_VOLUME_DIR}" - "${GITEA_LOG_ROOT_PATH}" -) - -for dir in "${dirs[@]}"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$GITEA_DAEMON_USER" -g "root" -done -chmod a+x "${GITEA_WORK_DIR}/bin/gitea" - -render-template "$GITEA_CONF_DIR/app.ini.template" >"$GITEA_CONF_FILE" -configure_permissions_ownership "$GITEA_CONF_FILE" -f "664" -u "$GITEA_DAEMON_USER" -g "root" diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/run.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/run.sh deleted file mode 100755 index 5da286fc0a8c..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/run.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libgitea.sh - -# Load Gitea environment variables -. /opt/bitnami/scripts/gitea-env.sh - -declare -a cmd=("${GITEA_BASE_DIR}/bin/gitea") -declare -a args=("web" "--config=${GITEA_CONF_FILE}" "--pid=${GITEA_PID_FILE}" "--custom-path=${GITEA_CUSTOM_DIR}" "--work-path=${GITEA_WORK_DIR}") -args+=("$@") - -info "** Starting Gitea **" -if am_i_root; then - exec_as_user "$GITEA_DAEMON_USER" "${cmd[@]}" "${args[@]}" -else - exec "${cmd[@]}" "${args[@]}" -fi diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/setup.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/setup.sh deleted file mode 100755 index 592dc5d9c1a3..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/gitea/setup.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libgitea.sh - -# Load Gitea environment settings -. /opt/bitnami/scripts/gitea-env.sh - -# Ensure Gitea environment settings are valid -gitea_validate -# Ensure Gitea is stopped when this script ends. -trap "gitea_stop" EXIT -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$GITEA_DAEMON_USER" --group "$GITEA_DAEMON_GROUP" -# Ensure is initialized -gitea_initialize -# Stop Gitea before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -gitea_stop diff --git a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/libgitea.sh b/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/libgitea.sh deleted file mode 100644 index 588e8943be9e..000000000000 --- a/bitnami/gitea/1/debian-11/rootfs/opt/bitnami/scripts/libgitea.sh +++ /dev/null @@ -1,382 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Gitea library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libpersistence.sh - -######################## -# Validate settings in GITEA_* env vars -# Globals: -# GITEA_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -gitea_validate() { - debug "Validating settings in GITEA_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - ! is_empty_value "$GITEA_HTTP_PORT" && check_valid_port "GITEA_HTTP_PORT" - ! is_empty_value "$GITEA_SSH_PORT" && check_valid_port "GITEA_SSH_PORT" - ! is_empty_value "$GITEA_SSH_LISTEN_PORT" && check_valid_port "GITEA_SSH_LISTEN_PORT" - - if is_boolean_yes "$GITEA_SMTP_ENABLED"; then - check_empty_value "GITEA_SMTP_HOST" - check_empty_value "GITEA_SMTP_FROM" - fi - - return "$error_code" -} - -######################## -# Check if Gitea daemon is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_gitea_running() { - pid="$(get_pid_from_file "$GITEA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Gitea daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_gitea_not_running() { - ! is_gitea_running -} - -######################## -# Stop Gitea daemons -# Arguments: -# None -# Returns: -# None -######################### -gitea_stop() { - ! is_gitea_running && return - stop_service_using_pid "$GITEA_PID_FILE" -} - -######################## -# Initialize Gitea -# Arguments: -# None -# Returns: -# None -######################### -gitea_initialize() { - # Wait for database connection - local -r database_host="${GITEA_DATABASE_HOST%:*}" - local database_port="${GITEA_DATABASE_HOST#*:}" - if is_empty_value "$database_port" || [[ "$database_port" == "$database_host" ]]; then - if [[ "${GITEA_DATABASE_TYPE}" == "mysql" ]]; then - database_port="${GITEA_DATABASE_PORT_NUMBER:-3306}" - else - # Postgresql default port - database_port="${GITEA_DATABASE_PORT_NUMBER:-5432}" - fi - fi - info "Waiting for database connection..." - wait_for_connection "$database_host" "$database_port" - info "Initializing Gitea..." - # Check if Gitea has already been initialized and persisted in a previous run - local -r app_name="gitea" - if ! is_app_initialized "$app_name" || [[ ! -f "$GITEA_CONF_FILE" ]]; then - # Run installation steps - # https://docs.gitea.io/en-us/install-from-binary/ - # Ensure configurable dirs exist - local -r dirs=( - "${GITEA_REPO_ROOT_PATH}" - "${GITEA_LOG_ROOT_PATH}" - "${GITEA_LFS_ROOT_PATH}" - ) - for dir in "${dirs[@]}"; do - if ! is_empty_value "$dir"; then - ensure_dir_exists "$dir" - am_i_root && configure_permissions_ownership "$dir" -d "775" -f "664" -u "$GITEA_DAEMON_USER" -g "root" - fi - done - gitea_update_conf_file - gitea_pass_wizard - # These config values are not desired for the wizard, as we want to print install output to a specific log file - # In addition, Gitea overwrites these values after passing the wizard, so we need to set them afterwards anyways - is_empty_value "$GITEA_LOG_MODE" || gitea_conf_set "log" "MODE" "$GITEA_LOG_MODE" - is_empty_value "$GITEA_LOG_ROUTER" || gitea_conf_set "log" "ROUTER" "$GITEA_LOG_ROUTER" - info "Persisting Gitea installation" - persist_app "$app_name" "$GITEA_DATA_TO_PERSIST" - else - info "Restoring persisted Gitea installation" - restore_persisted_app "$app_name" "$GITEA_DATA_TO_PERSIST" - # Update config file with env vars - gitea_update_conf_file - fi - # Avoid exit code of previous commands to affect the result of this function - true -} - -####################### -# Wait until the host and port are accessible -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# Returns: -# true if the database connection succeeded, false otherwise -######################### -wait_for_connection() { - local -r host="${1:?missing database host}" - local -r port="${2:?missing database port}" - check_connection() { - wait-for-port --host "$host" "$port" - } - if ! retry_while "check_connection"; then - error "Could not connect to the ${host}:${port}" - return 1 - fi -} - -######################## -# Update the Gitea configuration file with the user inputs -# Globals: -# GITEA_* -# Arguments: -# None -# Returns: -# None -######################### -gitea_update_conf_file() { - # https://docs.gitea.io/en-us/config-cheat-sheet/ - # That URL contains most of the settings that can be configured as well as their default value. - gitea_conf_set "" "APP_NAME" "$GITEA_APP_NAME" - gitea_conf_set "" "RUN_USER" "$GITEA_DAEMON_USER" - gitea_conf_set "" "RUN_MODE" "$GITEA_RUN_MODE" - gitea_conf_set "database" "DB_TYPE" "$GITEA_DATABASE_TYPE" - gitea_conf_set "database" "HOST" "${GITEA_DATABASE_HOST}:${GITEA_DATABASE_PORT_NUMBER}" - gitea_conf_set "database" "NAME" "$GITEA_DATABASE_NAME" - gitea_conf_set "database" "USER" "$GITEA_DATABASE_USERNAME" - is_empty_value "$GITEA_DATABASE_PASSWORD" || gitea_conf_set "database" "PASSWD" "$GITEA_DATABASE_PASSWORD" - is_empty_value "$GITEA_DATABASE_SCHEMA" || gitea_conf_set "database" "SCHEMA" "$GITEA_DATABASE_SCHEMA" - is_empty_value "$GITEA_DATABASE_SSL_MODE" || gitea_conf_set "database" "SSL_MODE" "$GITEA_DATABASE_SSL_MODE" - - gitea_conf_set "server" "DOMAIN" "$GITEA_DOMAIN" - gitea_conf_set "server" "PROTOCOL" "$GITEA_PROTOCOL" - gitea_conf_set "server" "ROOT_URL" "$GITEA_ROOT_URL" - gitea_conf_set "server" "SSH_DOMAIN" "$GITEA_SSH_DOMAIN" - gitea_conf_set "server" "SSH_PORT" "$GITEA_SSH_PORT" - gitea_conf_set "server" "SSH_LISTEN_PORT" "$GITEA_SSH_LISTEN_PORT" - gitea_conf_set "server" "HTTP_PORT" "$GITEA_HTTP_PORT" - gitea_conf_set "log" "ROOT_PATH" "$GITEA_LOG_ROOT_PATH" - gitea_conf_set "repository" "ROOT" "$GITEA_REPO_ROOT_PATH" - gitea_conf_set "security" "PASSWORD_HASH_ALGO" "$GITEA_PASSWORD_HASH_ALGO" - - gitea_conf_set "mailer" "ENABLED" "$GITEA_SMTP_ENABLED" - is_empty_value "$GITEA_SMTP_HOST" || gitea_conf_set "mailer" "SMTP_ADDR" "$GITEA_SMTP_HOST" - is_empty_value "$GITEA_SMTP_PORT" || gitea_conf_set "mailer" "SMTP_PORT" "$GITEA_SMTP_PORT" - is_empty_value "$GITEA_SMTP_FROM" || gitea_conf_set "mailer" "FROM" "$GITEA_SMTP_FROM" - is_empty_value "$GITEA_SMTP_USER" || gitea_conf_set "mailer" "USER" "$GITEA_SMTP_USER" - is_empty_value "$GITEA_SMTP_PASSWORD" || gitea_conf_set "mailer" "PASSWD" "$GITEA_SMTP_PASSWORD" - is_empty_value "$GITEA_LFS_ROOT_PATH" || gitea_conf_set "lfs" "PATH" "$GITEA_LFS_ROOT_PATH" - -} - -######################## -# Set property in the configuration file -# Globals: -# GITEA_* -# Arguments: -# $1 - section -# $2 - key -# $3 - value -# $4 - file -# Returns: -# None -######################### -gitea_conf_set() { - local -r section="${1}" - local -r key="${2:?key is required}" - local -r value="${3:?value is required}" - local -r file="${4:-${GITEA_CONF_FILE}}" - - debug "Setting ${section:+"${section}."}${key} to '${value}' in Gitea configuration" - ini-file set --section "$section" --key "$key" --value "$value" "$file" -} - -####################### -# Pass Gitea wizard -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the wizard succeeded, false otherwise -######################### -gitea_pass_wizard() { - local -r port="${GITEA_HTTP_PORT}" - local wizard_url cookie_file curl_output - local -a curl_opts curl_data_opts - - info "Running Gitea installation wizard" - wizard_url="http://127.0.0.1:${port}" - cookie_file="/tmp/cookie$(generate_random_string -t alphanumeric -c 8)" - curl_opts=("--location" "--silent" "--cookie" "$cookie_file" "--cookie-jar" "$cookie_file") - # Ensure gitea is started - gitea_start_bg - # Step 0: Get cookies - debug "Getting cookies" - curl "${curl_opts[@]}" "$wizard_url" >/dev/null 2>/dev/null - # Step 1: Install database - debug "Install" - curl_data_opts=( - "--data-urlencode" "db_type=${GITEA_DATABASE_TYPE}" - "--data-urlencode" "db_host=${GITEA_DATABASE_HOST}:${GITEA_DATABASE_PORT_NUMBER}" - "--data-urlencode" "db_user=${GITEA_DATABASE_USERNAME}" - "--data-urlencode" "db_passwd=${GITEA_DATABASE_PASSWORD}" - "--data-urlencode" "db_name=${GITEA_DATABASE_NAME}" - "--data-urlencode" "ssl_mode=${GITEA_DATABASE_SSL_MODE}" - "--data-urlencode" "db_schema=${GITEA_DATABASE_SCHEMA}" - "--data-urlencode" "charset=${GITEA_DATABASE_CHARSET}" - "--data-urlencode" "app_name=${GITEA_APP_NAME}" - "--data-urlencode" "repo_root_path=${GITEA_REPO_ROOT_PATH}" - "--data-urlencode" "lfs_root_path=${GITEA_LFS_ROOT_PATH}" - "--data-urlencode" "run_user=${GITEA_DAEMON_USER}" - "--data-urlencode" "domain=${GITEA_DOMAIN}" - "--data-urlencode" "ssh_port=${GITEA_SSH_PORT}" - "--data-urlencode" "http_port=${GITEA_HTTP_PORT}" - "--data-urlencode" "app_url=${GITEA_ROOT_URL}" - "--data-urlencode" "log_root_path=${GITEA_LOG_ROOT_PATH}" - - "--data-urlencode" "password_algorithm=${GITEA_PASSWORD_HASH_ALGO}" - "--data-urlencode" "admin_name=${GITEA_ADMIN_USER}" - "--data-urlencode" "admin_passwd=${GITEA_ADMIN_PASSWORD}" - "--data-urlencode" "admin_confirm_passwd=${GITEA_ADMIN_PASSWORD}" - "--data-urlencode" "admin_email=${GITEA_ADMIN_EMAIL}" - ) - # Note in version 1.18 SMTP configuration is different - if is_boolean_yes "${GITEA_SMTP_ENABLED}"; then - curl_data_opts+=( - "--data-urlencode" "smtp_addr=${GITEA_SMTP_HOST}" - "--data-urlencode" "smtp_port=${GITEA_SMTP_PORT}" - "--data-urlencode" "smtp_from=${GITEA_SMTP_FROM}" - "--data-urlencode" "smtp_user=${GITEA_SMTP_USER}" - "--data-urlencode" "smtp_passwd=${GITEA_SMTP_PASSWORD}" - ) - fi - curl_output="$(curl "${curl_opts[@]}" "${curl_data_opts[@]}" "$wizard_url" 2>/dev/null)" - if [[ "$curl_output" == *"flash-error"* ]]; then - error "An error occurred while installing Gitea" - debug "Curl output: $curl_output" - return 1 - fi - gitea_stop - info "Gitea installation finished" - true -} - -######################## -# Start Gitea daemon -# Arguments: -# None -# Returns: -# None -######################### -gitea_start_bg() { - local -r log_file="${GITEA_LOG_ROOT_PATH}/boot.log" - info "Starting Gitea in background" - is_gitea_running && return - # This function is meant to be called for internal operations like the init scripts - local -r cmd=("${GITEA_BASE_DIR}/bin/gitea") - local -r args=("web" "--config=${GITEA_CONF_FILE}" "--pid=${GITEA_PID_FILE}" "--custom-path=${GITEA_CUSTOM_DIR}" "--work-path=${GITEA_WORK_DIR}") - - if am_i_root; then - run_as_user "$GITEA_DAEMON_USER" "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - else - "${cmd[@]}" "${args[@]}" >"$log_file" 2>&1 & - fi - if ! retry_while is_gitea_running; then - error "Gitea failed to start" - exit 1 - fi - wait_for_log_entry "Starting new Web server" "$log_file" - info "Gitea started successfully" -} - -######################## -# Check if Gitea is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_gitea_running() { - pid="$(get_pid_from_file "$GITEA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Gitea is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_gitea_not_running() { - ! is_gitea_running -} - -######################## -# Stop Gitea -# Arguments: -# None -# Returns: -# None -######################### -gitea_stop() { - ! is_gitea_running && return - stop_service_using_pid "$GITEA_PID_FILE" -} diff --git a/bitnami/gitea/1/debian-11/tags-info.yaml b/bitnami/gitea/1/debian-11/tags-info.yaml deleted file mode 100644 index 7cb712f3d688..000000000000 --- a/bitnami/gitea/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.21.5 -- latest diff --git a/bitnami/gitlab-runner-helper/16/debian-11/Dockerfile b/bitnami/gitlab-runner-helper/16/debian-11/Dockerfile deleted file mode 100644 index 8a27869d2bdb..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T19:45:53Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="16.8.0-debian-11-r23" \ - org.opencontainers.image.title="gitlab-runner-helper" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="16.8.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git git-lfs openssh-client procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "gitlab-runner-helper-16.8.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN mkdir /home/gitlab-runner && \ - chmod -R g+rwX /home/gitlab-runner && \ - ln -s /opt/bitnami/common/bin/dumb-init /usr/bin/dumb-init && \ - ln -s /opt/bitnami/scripts/gitlab-runner-helper/entrypoint.sh /entrypoint && \ - ln -s /opt/bitnami/gitlab-runner-helper/bin/gitlab-runner-helper /usr/bin/gitlab-runner-helper -ENV APP_VERSION="16.8.0" \ - BITNAMI_APP_NAME="gitlab-runner-helper" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/gitlab-runner-helper/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/usr/bin/dumb-init", "/opt/bitnami/scripts/gitlab-runner-helper/entrypoint.sh" ] -CMD [ "sh" ] diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c1c917989f32..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "gitlab-runner-helper": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.8.0-3" - } -} \ No newline at end of file diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/gitlab-runner-helper/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner-helper/entrypoint.sh b/bitnami/gitlab-runner-helper/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner-helper/entrypoint.sh deleted file mode 100755 index e353a7b51f11..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner-helper/entrypoint.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="gitlab-runner" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - if [[ "$HOME" == "/" ]]; then - export HOME=/home/gitlab-runner - fi - echo "gitlab-runner:x:$(id -u):$(id -g):GitlabRunner:${HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "gitlab-runner:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -## Code taken from the upstream gitlab-runner-helper container -## https://gitlab.com/gitlab-org/gitlab-runner/-/blob/main/dockerfiles/runner-helper/helpers/entrypoint - -DATA_DIR="/etc/gitlab-runner" -CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml} -CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt} -LOCAL_CA_PATH="/usr/local/share/ca-certificates/ca.crt" - -update_ca() { - echo "Updating CA certificates..." - cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" - update-ca-certificates --fresh >/dev/null -} - -if [[ -f "${CA_CERTIFICATES_PATH}" ]]; then - cmp --silent "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" || update_ca -fi - -exec "$@" diff --git a/bitnami/gitlab-runner-helper/16/debian-11/tags-info.yaml b/bitnami/gitlab-runner-helper/16/debian-11/tags-info.yaml deleted file mode 100644 index 66cee89becc9..000000000000 --- a/bitnami/gitlab-runner-helper/16/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "16" -- 16-debian-11 -- 16.8.0 -- latest diff --git a/bitnami/gitlab-runner/16/debian-11/Dockerfile b/bitnami/gitlab-runner/16/debian-11/Dockerfile deleted file mode 100644 index 1474a48d13bd..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T19:46:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="16.8.0-debian-11-r22" \ - org.opencontainers.image.title="gitlab-runner" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="16.8.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git git-lfs openssh-client procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "gitlab-runner-16.8.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN mkdir /home/gitlab-runner && chmod -R g+rwX /home/gitlab-runner && ln -s /opt/bitnami/common/bin/dumb-init /usr/bin/dumb-init && ln -s /opt/bitnami/scripts/gitlab-runner/entrypoint.sh /entrypoint -ENV APP_VERSION="16.8.0" \ - BITNAMI_APP_NAME="gitlab-runner" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/gitlab-runner/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/usr/bin/dumb-init", "/opt/bitnami/scripts/gitlab-runner/entrypoint.sh" ] -CMD [ "run", "--user=gitlab-runner", "--working-directory=/home/gitlab-runner" ] diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 9cbcafa2666f..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "gitlab-runner": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.8.0-3" - } -} \ No newline at end of file diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/gitlab-runner/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner/entrypoint.sh b/bitnami/gitlab-runner/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner/entrypoint.sh deleted file mode 100755 index af9cc090f257..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/rootfs/opt/bitnami/scripts/gitlab-runner/entrypoint.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -print_welcome_page - -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="gitlab-runner" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - if [[ "$HOME" == "/" ]]; then - export HOME=/home/gitlab-runner - fi - echo "gitlab-runner:x:$(id -u):$(id -g):GitlabRunner:${HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "gitlab-runner:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - fi -fi - -## Code taken from the upstream gitlab-runner container -## https://gitlab.com/gitlab-org/gitlab-runner/-/blob/main/dockerfiles/runner/ubuntu/entrypoint - -DATA_DIR="/etc/gitlab-runner" -CONFIG_FILE=${CONFIG_FILE:-$DATA_DIR/config.toml} -CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$DATA_DIR/certs/ca.crt} -LOCAL_CA_PATH="/usr/local/share/ca-certificates/ca.crt" - -update_ca() { - echo "Updating CA certificates..." - cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" - update-ca-certificates --fresh >/dev/null -} - -if [[ -f "${CA_CERTIFICATES_PATH}" ]]; then - cmp --silent "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}" || update_ca -fi - -exec gitlab-runner "$@" diff --git a/bitnami/gitlab-runner/16/debian-11/tags-info.yaml b/bitnami/gitlab-runner/16/debian-11/tags-info.yaml deleted file mode 100644 index 66cee89becc9..000000000000 --- a/bitnami/gitlab-runner/16/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "16" -- 16-debian-11 -- 16.8.0 -- latest diff --git a/bitnami/golang/1.20/debian-11/Dockerfile b/bitnami/golang/1.20/debian-11/Dockerfile deleted file mode 100644 index 9a5bbe499c60..000000000000 --- a/bitnami/golang/1.20/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:04:01Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.20.14-debian-11-r18" \ - org.opencontainers.image.title="golang" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.20.14" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git pkg-config procps unzip -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "golang-1.20.14-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir -p "/go/src" "/go/bin" && chmod -R 777 "/go" - -ENV APP_VERSION="1.20.14" \ - BITNAMI_APP_NAME="golang" \ - GOCACHE="/go/.cache" \ - GOPATH="/go" \ - PATH="/go/bin:/opt/bitnami/go/bin:$PATH" - -WORKDIR $GOPATH -CMD [ "bash" ] diff --git a/bitnami/golang/1.20/debian-11/docker-compose.yml b/bitnami/golang/1.20/debian-11/docker-compose.yml deleted file mode 100644 index 6904d0ea8695..000000000000 --- a/bitnami/golang/1.20/debian-11/docker-compose.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - golang: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/golang:1.20 - command: ["sleep", "infinity"] # To keep the container running diff --git a/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 5a4c3cc9111b..000000000000 --- a/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "golang": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.20.14-1" - } -} \ No newline at end of file diff --git a/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/golang/1.20/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/golang/1.20/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/golang/1.20/debian-11/tags-info.yaml b/bitnami/golang/1.20/debian-11/tags-info.yaml deleted file mode 100644 index 486180b7318e..000000000000 --- a/bitnami/golang/1.20/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.20" -- 1.20-debian-11 -- 1.20.14 diff --git a/bitnami/golang/1.21/debian-11/Dockerfile b/bitnami/golang/1.21/debian-11/Dockerfile deleted file mode 100644 index da7b42915153..000000000000 --- a/bitnami/golang/1.21/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:05:38Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.21.7-debian-11-r18" \ - org.opencontainers.image.title="golang" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.21.7" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git pkg-config procps unzip -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "golang-1.21.7-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir -p "/go/src" "/go/bin" && chmod -R 777 "/go" - -ENV APP_VERSION="1.21.7" \ - BITNAMI_APP_NAME="golang" \ - GOCACHE="/go/.cache" \ - GOPATH="/go" \ - PATH="/go/bin:/opt/bitnami/go/bin:$PATH" - -WORKDIR $GOPATH -CMD [ "bash" ] diff --git a/bitnami/golang/1.21/debian-11/docker-compose.yml b/bitnami/golang/1.21/debian-11/docker-compose.yml deleted file mode 100644 index 0984f684a5e7..000000000000 --- a/bitnami/golang/1.21/debian-11/docker-compose.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - golang: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/golang:1.21 - command: ["sleep", "infinity"] # To keep the container running diff --git a/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 7f842e723579..000000000000 --- a/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "golang": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.21.7-1" - } -} \ No newline at end of file diff --git a/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/golang/1.21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/golang/1.21/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/golang/1.21/debian-11/tags-info.yaml b/bitnami/golang/1.21/debian-11/tags-info.yaml deleted file mode 100644 index 2c50af7f9b60..000000000000 --- a/bitnami/golang/1.21/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.21" -- 1.21-debian-11 -- 1.21.7 diff --git a/bitnami/golang/1.22/debian-11/Dockerfile b/bitnami/golang/1.22/debian-11/Dockerfile deleted file mode 100644 index 80beafde792b..000000000000 --- a/bitnami/golang/1.22/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T09:50:41Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.22.0-debian-11-r9" \ - org.opencontainers.image.title="golang" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.22.0" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git pkg-config procps unzip -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "golang-1.22.0-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir -p "/go/src" "/go/bin" && chmod -R 777 "/go" - -ENV APP_VERSION="1.22.0" \ - BITNAMI_APP_NAME="golang" \ - GOCACHE="/go/.cache" \ - GOPATH="/go" \ - PATH="/go/bin:/opt/bitnami/go/bin:$PATH" - -WORKDIR $GOPATH -CMD [ "bash" ] diff --git a/bitnami/golang/1.22/debian-11/docker-compose.yml b/bitnami/golang/1.22/debian-11/docker-compose.yml deleted file mode 100644 index 4c94d2004f91..000000000000 --- a/bitnami/golang/1.22/debian-11/docker-compose.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - golang: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/golang:1.22 - command: ["sleep", "infinity"] # To keep the container running diff --git a/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a3be1de336c9..000000000000 --- a/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "golang": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.22.0-0" - } -} \ No newline at end of file diff --git a/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/golang/1.22/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/golang/1.22/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/golang/1.22/debian-11/tags-info.yaml b/bitnami/golang/1.22/debian-11/tags-info.yaml deleted file mode 100644 index 4a3cd37cc7e2..000000000000 --- a/bitnami/golang/1.22/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1.22" -- 1.22-debian-11 -- 1.22.0 -- latest diff --git a/bitnami/google-cloud-sdk/0/debian-11/Dockerfile b/bitnami/google-cloud-sdk/0/debian-11/Dockerfile deleted file mode 100644 index f947cad25f73..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:06:18Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.464.0-debian-11-r8" \ - org.opencontainers.image.title="google-cloud-sdk" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.464.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "google-cloud-sdk-0.464.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /.config /.gsutil && chmod g+rwX /.config /.gsutil -RUN mkdir /.local && chmod g+rwX /.local - -ENV APP_VERSION="0.464.0" \ - BITNAMI_APP_NAME="google-cloud-sdk" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/google-cloud-sdk/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "gcloud" ] -CMD [ "--help" ] diff --git a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8ec48886e93f..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "google-cloud-sdk": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.464.0-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/google-cloud-sdk/0/debian-11/tags-info.yaml b/bitnami/google-cloud-sdk/0/debian-11/tags-info.yaml deleted file mode 100644 index a897236628d7..000000000000 --- a/bitnami/google-cloud-sdk/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.464.0 -- latest diff --git a/bitnami/gotrue/1/debian-11/Dockerfile b/bitnami/gotrue/1/debian-11/Dockerfile deleted file mode 100644 index 059099877d3e..000000000000 --- a/bitnami/gotrue/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:07:21Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.0.1-debian-11-r245" \ - org.opencontainers.image.title="gotrue" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.0.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "gotrue-1.0.1-16-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root gotrue -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.0.1" \ - BITNAMI_APP_NAME="gotrue" \ - PATH="/opt/bitnami/gotrue/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/gotrue/bin/gotrue" ] diff --git a/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8d230188feca..000000000000 --- a/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "gotrue": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.1-16" - } -} \ No newline at end of file diff --git a/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/gotrue/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/gotrue/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/gotrue/1/debian-11/tags-info.yaml b/bitnami/gotrue/1/debian-11/tags-info.yaml deleted file mode 100644 index a8f651b3a58c..000000000000 --- a/bitnami/gotrue/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.0.1 -- latest diff --git a/bitnami/gradle/8/debian-11/Dockerfile b/bitnami/gradle/8/debian-11/Dockerfile deleted file mode 100644 index 5dfe1c280b26..000000000000 --- a/bitnami/gradle/8/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:08:05Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.6.0-debian-11-r19" \ - org.opencontainers.image.title="gradle" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.6.0" - -ENV HOME="/app" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "gradle-8.6.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN mkdir /app && chmod g+rwX /app -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="8.6.0" \ - BITNAMI_APP_NAME="gradle" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/gradle/bin:$PATH" - -WORKDIR /app -ENTRYPOINT [ "gradle" ] -CMD [ "--help" ] diff --git a/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 09fd7eab8ecb..000000000000 --- a/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "gradle": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.6.0-1" - }, - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - } -} \ No newline at end of file diff --git a/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/gradle/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/gradle/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/gradle/8/debian-11/tags-info.yaml b/bitnami/gradle/8/debian-11/tags-info.yaml deleted file mode 100644 index a414989b2934..000000000000 --- a/bitnami/gradle/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.6.0 -- latest diff --git a/bitnami/grafana-image-renderer/3/debian-11/Dockerfile b/bitnami/grafana-image-renderer/3/debian-11/Dockerfile deleted file mode 100644 index ac1949ffb08b..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T02:18:30Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.9.1-debian-11-r18" \ - org.opencontainers.image.title="grafana-image-renderer" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.9.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates chromium curl fonts-freefont-ttf fonts-ipafont-gothic fonts-kacst fonts-thai-tlwg fonts-wqy-zenhei gnupg jq libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 libx11-xcb1 libxcb-dri3-0 libxshmfence1 libxss1 libxtst6 procps wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "grafana-image-renderer-3.9.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="3.9.1" \ - BITNAMI_APP_NAME="grafana-image-renderer" \ - HTTP_HOST="0.0.0.0" \ - HTTP_PORT="8080" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/node/bin:$PATH" - -EXPOSE 3000 8080 - -WORKDIR /opt/bitnami/grafana-image-renderer -USER 1001 -ENTRYPOINT [ "node" ] -CMD [ "build/app.js", "server", "--config=conf/config.json" ] diff --git a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b01676a0eac2..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "grafana-image-renderer": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.9.1-1" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-image-renderer/3/debian-11/tags-info.yaml b/bitnami/grafana-image-renderer/3/debian-11/tags-info.yaml deleted file mode 100644 index 4a1659ce74f5..000000000000 --- a/bitnami/grafana-image-renderer/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.9.1 -- latest diff --git a/bitnami/grafana-loki/2/debian-11/Dockerfile b/bitnami/grafana-loki/2/debian-11/Dockerfile deleted file mode 100644 index 7952333c6bb2..000000000000 --- a/bitnami/grafana-loki/2/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:16:40Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.4-debian-11-r25" \ - org.opencontainers.image.title="grafana-loki" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-loki-2.9.4-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir -p /bitnami/grafana-loki/data /bitnami/grafana-loki/loki /bitnami/grafana-loki/wal && chmod -R g+rwX /bitnami/grafana-loki && ln -s /bitnami/grafana-loki/loki /loki && ln -s /bitnami/grafana-loki/data /data && ln -s /bitnami/grafana-loki/wal /wal -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.9.4" \ - BITNAMI_APP_NAME="grafana-loki" \ - PATH="/opt/bitnami/grafana-loki/bin:$PATH" - -EXPOSE 3100 - -USER 1001 -ENTRYPOINT [ "loki" ] -CMD [ "-config.file=/bitnami/grafana-loki/conf/loki.yaml" ] diff --git a/bitnami/grafana-loki/2/debian-11/examples/loki.yaml b/bitnami/grafana-loki/2/debian-11/examples/loki.yaml deleted file mode 100644 index 807095ae0235..000000000000 --- a/bitnami/grafana-loki/2/debian-11/examples/loki.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# This is a configuration to deploy Loki depending only on a storage solution -# for example, an S3-compatible API like MinIO. -# The ring configuration is based on the gossip memberlist and the index is shipped to storage -# via Single Store (boltdb-shipper) - -auth_enabled: false - -server: - http_listen_port: 3100 - -distributor: - ring: - kvstore: - store: memberlist - -ingester: - lifecycler: - ring: - kvstore: - store: memberlist - replication_factor: 1 - final_sleep: 0s - chunk_idle_period: 5m - chunk_retain_period: 30s - -memberlist: - abort_if_cluster_join_fails: false - - # Expose this port on all distributor, ingester - # and querier replicas. - bind_port: 7946 - - # You can use a headless k8s service for all distributor, - # ingester and querier components. - join_members: - - loki-gossip-ring.loki.svc.cluster.local:7946 - - max_join_backoff: 1m - max_join_retries: 10 - min_join_backoff: 1s - -schema_config: - configs: - - from: 2020-05-15 - store: boltdb-shipper - object_store: s3 - schema: v11 - index: - prefix: index_ - period: 24h - -storage_config: - boltdb_shipper: - active_index_directory: /loki/index - cache_location: /loki/index_cache - shared_store: s3 - - aws: - s3: s3://access_key:secret_access_key@custom_endpoint/bucket_name - s3forcepathstyle: true - -limits_config: - enforce_metric_name: false - reject_old_samples: true - reject_old_samples_max_age: 168h - -compactor: - working_directory: /data/compactor - shared_store: s3 - compaction_interval: 5m diff --git a/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2ba3c13a00c5..000000000000 --- a/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-loki": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.4-3" - } -} \ No newline at end of file diff --git a/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-loki/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-loki/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-loki/2/debian-11/tags-info.yaml b/bitnami/grafana-loki/2/debian-11/tags-info.yaml deleted file mode 100644 index 688601e661da..000000000000 --- a/bitnami/grafana-loki/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.4 -- latest diff --git a/bitnami/grafana-mimir/2/debian-11/Dockerfile b/bitnami/grafana-mimir/2/debian-11/Dockerfile deleted file mode 100644 index ba0aacd94f14..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:22:27Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.11.0-debian-11-r27" \ - org.opencontainers.image.title="grafana-mimir" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.11.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-mimir-2.11.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir -p /bitnami/grafana-mimir/data /bitnami/grafana-mimir/mimir && chmod -R g+rwX /bitnami/grafana-mimir && ln -s /bitnami/grafana-mimir/mimir /mimir && ln -s /bitnami/grafana-mimir/data /data -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.11.0" \ - BITNAMI_APP_NAME="grafana-mimir" \ - PATH="/opt/bitnami/grafana-mimir/bin:$PATH" - -EXPOSE 8080 9095 - -WORKDIR /opt/bitnami/grafana-mimir -USER 1001 -ENTRYPOINT [ "mimir" ] -CMD [ "-config.file=/bitnami/grafana-mimir/conf/mimir.yaml" ] diff --git a/bitnami/grafana-mimir/2/debian-11/examples/mimir.yaml b/bitnami/grafana-mimir/2/debian-11/examples/mimir.yaml deleted file mode 100644 index 846f279105c6..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/examples/mimir.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# This is a configuration to deploy run Grafana Mimir as a monolith and with local filesystem storage -# Do not use this configuration in production. -# It is for demonstration purposes only. -multitenancy_enabled: false - -activity_tracker: - filepath: /mimir/metrics-activity.log - -alertmanager: - data_dir: /mimir/data-alertmanager - -blocks_storage: - backend: filesystem - bucket_store: - sync_dir: /mimir/tsdb-sync - filesystem: - dir: /data/blocks - tsdb: - dir: /data/tsdb - -compactor: - data_dir: /mimir/compactor - sharding_ring: - kvstore: - store: memberlist - -distributor: - ring: - instance_addr: 127.0.0.1 - kvstore: - store: memberlist - -ingester: - ring: - instance_addr: 127.0.0.1 - kvstore: - store: memberlist - replication_factor: 1 - -ruler_storage: - backend: filesystem - filesystem: - dir: /data/ruler - -ruler: - rule_path: /mimir/data-ruler - -server: - http_listen_port: 9009 - log_level: error - -store_gateway: - sharding_ring: - replication_factor: 1 \ No newline at end of file diff --git a/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4f0dc2f7fefc..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-mimir": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.11.0-5" - } -} \ No newline at end of file diff --git a/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-mimir/2/debian-11/tags-info.yaml b/bitnami/grafana-mimir/2/debian-11/tags-info.yaml deleted file mode 100644 index d75a7d737f52..000000000000 --- a/bitnami/grafana-mimir/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.11.0 -- latest diff --git a/bitnami/grafana-operator/5/debian-11/Dockerfile b/bitnami/grafana-operator/5/debian-11/Dockerfile deleted file mode 100644 index aa80918f393b..000000000000 --- a/bitnami/grafana-operator/5/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:29:31Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.6.3-debian-11-r17" \ - org.opencontainers.image.title="grafana-operator" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.6.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-operator-5.6.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -sf /opt/bitnami/grafana-operator/bin/grafana-operator /usr/local/bin/grafana-operator -RUN mkdir -p /opt/jsonnet && ln -sf /opt/bitnami/grafonnet-lib/grafonnet /opt/jsonnet/grafonnet - -ENV APP_VERSION="5.6.3" \ - BITNAMI_APP_NAME="grafana-operator" \ - PATH="/opt/bitnami/grafana-operator/bin:$PATH" - -EXPOSE 8080 - -WORKDIR /opt/bitnami/grafana-operator -USER 1001 -ENTRYPOINT [ "grafana-operator" ] diff --git a/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index dbb57159dc68..000000000000 --- a/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-operator": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.6.3-1" - } -} \ No newline at end of file diff --git a/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-operator/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-operator/5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-operator/5/debian-11/tags-info.yaml b/bitnami/grafana-operator/5/debian-11/tags-info.yaml deleted file mode 100644 index cecc178b6e55..000000000000 --- a/bitnami/grafana-operator/5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "5" -- 5-debian-11 -- 5.6.3 -- latest diff --git a/bitnami/grafana-tempo-query/2/debian-11/Dockerfile b/bitnami/grafana-tempo-query/2/debian-11/Dockerfile deleted file mode 100644 index 9b019ebd667f..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:34:11Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.1-debian-11-r27" \ - org.opencontainers.image.title="grafana-tempo-query" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-tempo-query-2.3.1-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.3.1" \ - BITNAMI_APP_NAME="grafana-tempo-query" \ - GRPC_STORAGE_PLUGIN_BINARY="/opt/bitnami/grafana-tempo-query/bin/tempo-query" \ - PATH="/opt/bitnami/grafana-tempo-query/bin:/opt/bitnami/jaeger-query/bin:$PATH" \ - SPAN_STORAGE_TYPE="grpc-plugin" - -USER 1001 -ENTRYPOINT [ "query" ] -CMD [ "--grpc-storage-plugin.configuration-file=/bitnami/grafana-tempo/conf/tempo-query.yaml" ] diff --git a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b822775875da..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-tempo-query": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.1-6" - } -} \ No newline at end of file diff --git a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-tempo-query/2/debian-11/tags-info.yaml b/bitnami/grafana-tempo-query/2/debian-11/tags-info.yaml deleted file mode 100644 index 95be3f4e047f..000000000000 --- a/bitnami/grafana-tempo-query/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.1 -- latest diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/Dockerfile b/bitnami/grafana-tempo-vulture/2/debian-11/Dockerfile deleted file mode 100644 index 5280d50b08bc..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:42:30Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.1-debian-11-r28" \ - org.opencontainers.image.title="grafana-tempo-vulture" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-tempo-vulture-2.3.1-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.3.1" \ - BITNAMI_APP_NAME="grafana-tempo-vulture" \ - PATH="/opt/bitnami/grafana-tempo-vulture/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "tempo-vulture" ] -CMD [ "--help" ] diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8218080095ba..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-tempo-vulture": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.1-6" - } -} \ No newline at end of file diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-tempo-vulture/2/debian-11/tags-info.yaml b/bitnami/grafana-tempo-vulture/2/debian-11/tags-info.yaml deleted file mode 100644 index 95be3f4e047f..000000000000 --- a/bitnami/grafana-tempo-vulture/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.1 -- latest diff --git a/bitnami/grafana-tempo/2/debian-11/Dockerfile b/bitnami/grafana-tempo/2/debian-11/Dockerfile deleted file mode 100644 index f50d935301c1..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:48:32Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.1-debian-11-r27" \ - org.opencontainers.image.title="grafana-tempo" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "grafana-tempo-2.3.1-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir -p /bitnami/grafana-tempo && chmod g+rwX /bitnami/grafana-tempo -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.3.1" \ - BITNAMI_APP_NAME="grafana-tempo" \ - PATH="/opt/bitnami/grafana-tempo/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "tempo" ] -CMD [ "-config.file=/bitnami/grafana-tempo/conf/tempo.yaml" ] diff --git a/bitnami/grafana-tempo/2/debian-11/examples/tempo.yaml b/bitnami/grafana-tempo/2/debian-11/examples/tempo.yaml deleted file mode 100644 index 0afa036431a4..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/examples/tempo.yaml +++ /dev/null @@ -1,46 +0,0 @@ -server: - http_listen_port: 3200 - -distributor: - receivers: # this configuration will listen on all ports and protocols that tempo is capable of. - jaeger: # the receives all come from the OpenTelemetry collector. more configuration information can - protocols: # be found there: https://github.com/open-telemetry/opentelemetry-collector/tree/main/receiver - thrift_http: # - grpc: # for a production deployment you should only enable the receivers you need! - thrift_binary: - thrift_compact: - zipkin: - otlp: - protocols: - http: - grpc: - opencensus: - -ingester: - max_block_duration: 5m # cut the headblock when this much time passes. this is being set for demo purposes and should probably be left alone normally - -compactor: - compaction: - block_retention: 1h # overall Tempo trace retention. set for demo purposes - -metrics_generator: - registry: - external_labels: - source: tempo - cluster: docker-compose - storage: - path: /tmp/tempo/generator/wal - remote_write: - - url: http://prometheus:9090/api/v1/write - send_exemplars: true - -storage: - trace: - backend: local # backend configuration to use - wal: - path: /tmp/tempo/wal # where to store the the wal locally - local: - path: /tmp/tempo/blocks - -overrides: - metrics_generator_processors: [service-graphs, span-metrics] # enables metrics generator diff --git a/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d0c509807848..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "grafana-tempo": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.1-6" - } -} \ No newline at end of file diff --git a/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana-tempo/2/debian-11/tags-info.yaml b/bitnami/grafana-tempo/2/debian-11/tags-info.yaml deleted file mode 100644 index 95be3f4e047f..000000000000 --- a/bitnami/grafana-tempo/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.1 -- latest diff --git a/bitnami/grafana/10/debian-11/Dockerfile b/bitnami/grafana/10/debian-11/Dockerfile deleted file mode 100644 index bdf5530234b7..000000000000 --- a/bitnami/grafana/10/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:53:37Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.3.3-debian-11-r9" \ - org.opencontainers.image.title="grafana" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.3.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaudit1 libcap-ng0 libfontconfig libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "mysql-client-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "grafana-10.3.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/grafana/postunpack.sh -ENV APP_VERSION="10.3.3" \ - BITNAMI_APP_NAME="grafana" \ - PATH="/opt/bitnami/mysql/bin:/opt/bitnami/common/bin:/opt/bitnami/grafana/bin:$PATH" - -EXPOSE 3000 - -WORKDIR /opt/bitnami/grafana -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/grafana/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/grafana/run.sh" ] diff --git a/bitnami/grafana/10/debian-11/docker-compose.yml b/bitnami/grafana/10/debian-11/docker-compose.yml deleted file mode 100644 index 7dfd7e16cdf4..000000000000 --- a/bitnami/grafana/10/debian-11/docker-compose.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - grafana: - image: docker.io/bitnami/grafana:10 - ports: - - '3000:3000' - environment: - - 'GF_SECURITY_ADMIN_PASSWORD=bitnami' - volumes: - - grafana_data:/opt/bitnami/grafana/data -volumes: - grafana_data: - driver: local diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2ed6a32309dc..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "grafana": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.3.3-1" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - } -} \ No newline at end of file diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/grafana/10/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana-env.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana-env.sh deleted file mode 100644 index fcd8fb190d57..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana-env.sh +++ /dev/null @@ -1,92 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for grafana - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-grafana}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -grafana_env_vars=( - GRAFANA_TMP_DIR - GRAFANA_PID_FILE - GRAFANA_DEFAULT_PLUGINS_DIR - GF_PATHS_HOME - GF_PATHS_CONFIG - GF_PATHS_DATA - GF_PATHS_LOGS - GF_PATHS_PLUGINS - GF_PATHS_PROVISIONING - GF_INSTALL_PLUGINS - GF_INSTALL_PLUGINS_SKIP_TLS - GF_FEATURE_TOGGLES - GRAFANA_MIGRATION_LOCK - GRAFANA_SLEEP_TIME - GRAFANA_RETRY_ATTEMPTS - GRAFANA_PLUGINS -) -for env_var in "${grafana_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset grafana_env_vars - -# Grafana paths -export GRAFANA_BASE_DIR="${BITNAMI_ROOT_DIR}/grafana" -export GRAFANA_BIN_DIR="${GRAFANA_BASE_DIR}/bin" -export GRAFANA_TMP_DIR="${GRAFANA_TMP_DIR:-${GRAFANA_BASE_DIR}/tmp}" -export GRAFANA_PID_FILE="${GRAFANA_PID_FILE:-${GRAFANA_TMP_DIR}/grafana.pid}" -export PATH="${GRAFANA_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" -export GRAFANA_DEFAULT_PLUGINS_DIR="${GRAFANA_DEFAULT_PLUGINS_DIR:-${GRAFANA_BASE_DIR}/default-plugins}" - -# System users (when running with a privileged user) -export GRAFANA_DAEMON_USER="grafana" -export GRAFANA_DAEMON_GROUP="grafana" - -# Grafana configuration -export GF_PATHS_HOME="${GF_PATHS_HOME:-$GRAFANA_BASE_DIR}" -export GF_PATHS_CONFIG="${GF_PATHS_CONFIG:-${GRAFANA_BASE_DIR}/conf/grafana.ini}" -export GF_PATHS_DATA="${GF_PATHS_DATA:-${GRAFANA_BASE_DIR}/data}" -export GF_PATHS_LOGS="${GF_PATHS_LOGS:-${GRAFANA_BASE_DIR}/logs}" -export GF_PATHS_PLUGINS="${GF_PATHS_PLUGINS:-${GF_PATHS_DATA}/plugins}" -export GF_PATHS_PROVISIONING="${GF_PATHS_PROVISIONING:-${GRAFANA_BASE_DIR}/conf/provisioning}" -GF_INSTALL_PLUGINS="${GF_INSTALL_PLUGINS:-"${GRAFANA_PLUGINS:-}"}" -export GF_INSTALL_PLUGINS="${GF_INSTALL_PLUGINS:-}" -export GF_INSTALL_PLUGINS_SKIP_TLS="${GF_INSTALL_PLUGINS_SKIP_TLS:-yes}" -export GF_FEATURE_TOGGLES="${GF_FEATURE_TOGGLES:-}" -export GF_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/grafana" -export GRAFANA_MIGRATION_LOCK="${GRAFANA_MIGRATION_LOCK:-false}" -export GRAFANA_SLEEP_TIME="${GRAFANA_SLEEP_TIME:-10}" -export GRAFANA_RETRY_ATTEMPTS="${GRAFANA_RETRY_ATTEMPTS:-12}" - -# Grafana Operator configuration -export GF_OP_PATHS_CONFIG="/etc/grafana/grafana.ini" -export GF_OP_PATHS_DATA="/var/lib/grafana" -export GF_OP_PATHS_LOGS="/var/log/grafana" -export GF_OP_PATHS_PROVISIONING="/etc/grafana/provisioning" -export GF_OP_PLUGINS_INIT_DIR="/opt/plugins" - -# Custom environment variables may be defined below diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/entrypoint.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/entrypoint.sh deleted file mode 100755 index 0a5430b3acb9..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/entrypoint.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Grafana environment -. /opt/bitnami/scripts/grafana-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -function is_exec() { - # This checks if the first provided argument is executable or if only args was used - exec_in_path=$(builtin type -P "$1" 2> /dev/null) - if [[ -f "$1" && -x $(realpath "$1" 2> /dev/null) || -x $(realpath "$exec_in_path" 2> /dev/null) ]]; then - true; - else - false; - fi; -} - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/grafana/run.sh" ]] || ! is_exec "$1"; then - # This catches the error-code from libgrafana.sh for the immediate exit when the grafana-operator is used. And ensure that the exit code is kept silently. - /opt/bitnami/scripts/grafana/setup.sh || GRAFANA_OPERATOR_IMMEDIATE_EXIT=$? - if [[ "${GRAFANA_OPERATOR_IMMEDIATE_EXIT:-0}" -eq 255 ]]; then - exit 0 - elif [[ "${GRAFANA_OPERATOR_IMMEDIATE_EXIT:-0}" -ne 0 ]]; then - exit "$GRAFANA_OPERATOR_IMMEDIATE_EXIT" - fi - /post-init.sh - info "** Grafana setup finished! **" -fi - -echo "" - -if is_exec "$1"; then - exec "$@" -else - exec "/opt/bitnami/scripts/grafana/run.sh" "$@" -fi diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/postunpack.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/postunpack.sh deleted file mode 100755 index 7493c7cf36c7..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/postunpack.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Grafana environment -. /opt/bitnami/scripts/grafana-env.sh - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libgrafana.sh - -info "Creating configuration file" -cp "${GRAFANA_BASE_DIR}/conf/sample.ini" "$(grafana_env_var_value PATHS_CONFIG)" - -info "Creating system user" -ensure_user_exists "$GRAFANA_DAEMON_USER" --group "$GRAFANA_DAEMON_GROUP" --system - -info "Configuring file permissions" -for dir in "$(grafana_env_var_value PATHS_DATA)" "$(grafana_env_var_value PATHS_LOGS)" "$(grafana_env_var_value PATHS_PLUGINS)" "$(grafana_env_var_value PATHS_PROVISIONING)" "$(grafana_env_var_value VOLUME_DIR)"; do - ensure_dir_exists "$dir" - # Use grafana:root ownership for compatibility when running as a non-root user - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$GRAFANA_DAEMON_USER" -g "root" -done - -# Use grafana:root ownership for compatibility when running as a non-root user -configure_permissions_ownership "$(grafana_env_var_value PATHS_CONFIG)" -f "664" -u "$GRAFANA_DAEMON_USER" -g "root" - -# Ensure permissions to parent directories of configs -# Used when replacing configs with symlinks for grafana-operator compatibility -for dir in "$(grafana_env_var_value PATHS_CONFIG)" "$(grafana_env_var_value PATHS_DATA)" "$(grafana_env_var_value PATHS_LOGS)" "$(grafana_env_var_value PATHS_PROVISIONING)"; do - chmod 775 "$(dirname "$dir")" -done - -# Install well-known plugins -grafana_plugin_list=( - "grafana-clock-panel" - "grafana-piechart-panel" - "michaeldmoore-annunciator-panel" - "briangann-gauge-panel" - "briangann-datatable-panel" - "jdbranham-diagram-panel" - "natel-discrete-panel" - "digiapulssi-organisations-panel" - "vonage-status-panel" - "neocat-cal-heatmap-panel" - "agenty-flowcharting-panel" - "larona-epict-panel" - "pierosavi-imageit-panel" - "michaeldmoore-multistat-panel" - "grafana-polystat-panel" - "scadavis-synoptic-panel" - "marcuscalidus-svg-panel" - "snuids-trafficlights-panel" -) -for plugin in "${grafana_plugin_list[@]}"; do - info "Installing ${plugin} plugin" - grafana cli --pluginsDir "$(grafana_env_var_value PATHS_PLUGINS)" plugins install "$plugin" -done - -# The Grafana Helm chart mounts the data directory at "/opt/bitnami/grafana/data" -# Therefore, all the plugins installed when building the image will be lost -# As a workaround, we can move them to a "default-plugins" directory and recover them -# during the 1st boot of the container -ensure_dir_exists "$GRAFANA_DEFAULT_PLUGINS_DIR" -mv "$(grafana_env_var_value PATHS_PLUGINS)"/* "$GRAFANA_DEFAULT_PLUGINS_DIR" diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/run.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/run.sh deleted file mode 100755 index 6860070c2107..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/run.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Grafana environment -. /opt/bitnami/scripts/grafana-env.sh - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -declare cmd="grafana" -declare -a args=( - # Based on https://github.com/grafana/grafana/blob/v8.2.5/packaging/docker/run.sh - "server" - "--homepath=${GF_PATHS_HOME}" - "--config=${GF_PATHS_CONFIG}" - "--pidfile=${GRAFANA_PID_FILE}" - "--packaging=docker" - "$@" - "cfg:default.log.mode=console" - "cfg:default.paths.data=${GF_PATHS_DATA}" - "cfg:default.paths.logs=${GF_PATHS_LOGS}" - "cfg:default.paths.plugins=${GF_PATHS_PLUGINS}" - "cfg:default.paths.provisioning=${GF_PATHS_PROVISIONING}" -) - -cd "$GRAFANA_BASE_DIR" - -info "** Starting Grafana **" -if am_i_root; then - exec_as_user "$GRAFANA_DAEMON_USER" "$cmd" "${args[@]}" -else - exec "$cmd" "${args[@]}" -fi diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/setup.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/setup.sh deleted file mode 100755 index 1694f94eb4fc..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/grafana/setup.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Grafana environment -. /opt/bitnami/scripts/grafana-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute' (after 'grafana-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libgrafana.sh - -# Ensure Grafana environment variables are valid -grafana_validate - -# Ensure Grafana is initialized -grafana_initialize diff --git a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/libgrafana.sh b/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/libgrafana.sh deleted file mode 100644 index 351f00ab8532..000000000000 --- a/bitnami/grafana/10/debian-11/rootfs/opt/bitnami/scripts/libgrafana.sh +++ /dev/null @@ -1,387 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Grafana library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Print the value of a Grafana environment variable -# Globals: -# GF_* -# GRAFANA_CFG_* -# Arguments: -# None -# Returns: -# The value in the environment variable -######################### -grafana_env_var_value() { - local -r name="${1:?missing name}" - local gf_env_var="GF_${name}" - local grafana_cfg_env_var="GRAFANA_CFG_${name}" - if [[ -n "${!gf_env_var:-}" ]]; then - echo "${!gf_env_var:-}" - elif [[ -n "${!grafana_cfg_env_var}" ]]; then - echo "${!grafana_cfg_env_var:-}" - else - error "${gf_env_var} or ${grafana_cfg_env_var} must be set" - fi -} - -######################## -# Validate settings in GRAFANA_* env vars -# Globals: -# GRAFANA_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -grafana_validate() { - debug "Validating settings in GRAFANA_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_path_exists() { - if [[ ! -e "$1" ]]; then - print_validation_error "The directory ${1} does not exist" - fi - } - - # Validate user inputs - [[ -e "$GF_OP_PATHS_CONFIG" ]] || check_path_exists "$(grafana_env_var_value PATHS_CONFIG)" - [[ -e "$GF_OP_PATHS_DATA" ]] || check_path_exists "$(grafana_env_var_value PATHS_DATA)" - [[ -e "$GF_OP_PATHS_LOGS" ]] || check_path_exists "$(grafana_env_var_value PATHS_LOGS)" - [[ -e "$GF_OP_PATHS_PROVISIONING" ]] || check_path_exists "$(grafana_env_var_value PATHS_PROVISIONING)" - - return "$error_code" -} - -######################## -# Ensure Grafana is initialized -# Globals: -# GRAFANA_* -# Arguments: -# None -# Returns: -# None -######################### -grafana_initialize() { - # Ensure compatibility with Grafana Operator - local grafana_var grafana_operator_var - for path_suffix in "config" "data" "logs" "provisioning"; do - grafana_var="GF_PATHS_${path_suffix^^}" - grafana_operator_var="GF_OP_PATHS_${path_suffix^^}" - if [[ -e "${!grafana_operator_var}" && "${!grafana_operator_var}" != "${!grafana_var}" ]]; then - info "Ensuring ${!grafana_operator_var} points to ${!grafana_var}" - rm -rf "${!grafana_var}" - ln -sfn "${!grafana_operator_var}" "${!grafana_var}" - fi - done - - if am_i_root; then - for dir in "$GF_PATHS_DATA" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS"; do - is_mounted_dir_empty "$dir" && configure_permissions_ownership "$dir" -d "775" -f "664" -u "$GRAFANA_DAEMON_USER" - done - fi - - # Install plugins in a Grafana operator-compatible environment, useful to for starting the image as an init container - # Based on https://github.com/grafana-operator/grafana-operator/blob/master/controllers/grafana/pluginsHelper.go - if [[ -d "$GF_OP_PLUGINS_INIT_DIR" ]]; then - info "Detected mounted plugins directory at '${GF_OP_PLUGINS_INIT_DIR}'. The container will exit after installing plugins as grafana-operator." - if [[ -n "$GF_INSTALL_PLUGINS" ]]; then - GF_PATHS_PLUGINS="$GF_OP_PLUGINS_INIT_DIR" grafana_install_plugins - else - warn "There are no plugins to install" - fi - return 255 - fi - - # Recover plugins installed when building the image - if [[ ! -e "$(grafana_env_var_value PATHS_PLUGINS)" ]] || [[ -z "$(ls -A "$(grafana_env_var_value PATHS_PLUGINS)")" ]]; then - mkdir -p "$(grafana_env_var_value PATHS_PLUGINS)" - if [[ -e "$GRAFANA_DEFAULT_PLUGINS_DIR" ]] && [[ -n "$(ls -A "$GRAFANA_DEFAULT_PLUGINS_DIR")" ]]; then - cp -r "$GRAFANA_DEFAULT_PLUGINS_DIR"/* "$(grafana_env_var_value PATHS_PLUGINS)" - fi - fi - - # Configure configuration file based on environment variables - grafana_configure_from_environment_variables - - # Install plugins - grafana_install_plugins - - # Configure Grafana feature toggles - ! is_empty_value "$GF_FEATURE_TOGGLES" && grafana_conf_set "feature_toggles" "enable" "$GF_FEATURE_TOGGLES" - - # If using an external database, avoid nodes collition during migration - if is_boolean_yes "$GRAFANA_MIGRATION_LOCK"; then - grafana_migrate_db - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Runs Grafana migration using a database lock to avoid collision with other Grafana nodes -# If database is locked, wait until unlocked and continue. Otherwise, run Grafana to perform migration. -# Globals: -# GRAFANA_CFG_* -# Arguments: -# None -# Returns: -# None -######################### -grafana_migrate_db() { - local -r db_host="${GRAFANA_CFG_DATABASE_HOST:-mysql}" - local -r db_port="${GRAFANA_CFG_DATABASE_PORT:-3306}" - local -r db_name="${GRAFANA_CFG_DATABASE_NAME:-}" - local -r db_user="${GRAFANA_CFG_DATABASE_USER:-}" - local -r db_pass="${GRAFANA_CFG_DATABASE_PASSWORD:-}" - - local -r grafana_host="${GRAFANA_CFG_SERVER_HTTP_ADDR:-localhost}" - local -r grafana_port="${GRAFANA_CFG_SERVER_HTTP_PORT:-3000}" - local -r grafana_protocol="${GRAFANA_CFG_SERVER_PROTOCOL:-http}" - - local -r sleep_time="${GRAFANA_SLEEP_TIME:-5}" - local -r retries="${GRAFANA_RETRY_ATTEMPTS:-12}" - - lock_db() { - debug_execute mysql_remote_execute_print_output "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" <&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/haproxy/2/debian-11/tags-info.yaml b/bitnami/haproxy/2/debian-11/tags-info.yaml deleted file mode 100644 index 1da6d4451791..000000000000 --- a/bitnami/haproxy/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.5 -- latest diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/Dockerfile b/bitnami/harbor-adapter-trivy/2/debian-11/Dockerfile deleted file mode 100644 index 33ed336b3e4a..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T03:56:21Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r27" \ - org.opencontainers.image.title="harbor-adapter-trivy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "harbor-adapter-trivy-2.10.0-7-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-adapter-trivy/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-adapter-trivy" \ - PATH="/opt/bitnami/harbor-adapter-trivy/bin:$PATH" - -WORKDIR /opt/bitnami/harbor-adapter-trivy -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-adapter-trivy/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-adapter-trivy/run.sh" ] diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 7da1d34d369d..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "harbor-adapter-trivy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-7" - } -} \ No newline at end of file diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy-env.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy-env.sh deleted file mode 100644 index 09e2d96a9ca0..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy-env.sh +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-adapter-trivy - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-adapter-trivy}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -harbor_adapter_trivy_env_vars=( - SCANNER_TRIVY_VOLUME_DIR - SCANNER_TRIVY_CACHE_DIR - SCANNER_TRIVY_REPORTS_DIR -) -for env_var in "${harbor_adapter_trivy_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset harbor_adapter_trivy_env_vars - -# Paths -export SCANNER_TRIVY_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor-adapter-trivy" -export SCANNER_TRIVY_VOLUME_DIR="${SCANNER_TRIVY_VOLUME_DIR:-${BITNAMI_VOLUME_DIR}/harbor-adapter-trivy}" -export SCANNER_TRIVY_CACHE_DIR="${SCANNER_TRIVY_CACHE_DIR:-${SCANNER_TRIVY_VOLUME_DIR}/.cache/trivy}" -export SCANNER_TRIVY_REPORTS_DIR="${SCANNER_TRIVY_REPORTS_DIR:-${SCANNER_TRIVY_VOLUME_DIR}/.cache/reports}" - -# System users -export SCANNER_TRIVY_DAEMON_USER="trivy-scanner" -export SCANNER_TRIVY_DAEMON_GROUP="trivy-scanner" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/entrypoint.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/entrypoint.sh deleted file mode 100755 index e5204b214b1c..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/harbor-adapter-trivy-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/harbor-adapter-trivy/run.sh"* ]]; then - info "** Starting harbor-adapter-trivy setup **" - /opt/bitnami/scripts/harbor-adapter-trivy/setup.sh - info "** harbor-adapter-trivy setup finished! **" -fi - -echo "" -exec "$@" - - diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/postunpack.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/postunpack.sh deleted file mode 100755 index f082fae430eb..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/postunpack.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-adapter-trivy-env.sh - -ensure_user_exists "$SCANNER_TRIVY_DAEMON_USER" --group "$SCANNER_TRIVY_DAEMON_GROUP" --home "/home/${SCANNER_TRIVY_DAEMON_USER}" - -# Ensure a set of directories exist and the non-root user has write privileges to them -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("$SCANNER_TRIVY_CACHE_DIR" "$SCANNER_TRIVY_REPORTS_DIR") -for dir in "${directories[@]}"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$SCANNER_TRIVY_DAEMON_USER" "$dir" -done - -# Ensure permissions for Internal TLS -configure_permissions_system_certs diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/run.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/run.sh deleted file mode 100755 index b172a2315a10..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load harbor-adapter-trivy environment -. /opt/bitnami/scripts/harbor-adapter-trivy-env.sh - -CMD="$(command -v scanner-trivy)" - -info "** Starting harbor-adapter-trivy **" -if am_i_root; then - exec_as_user "$SCANNER_TRIVY_DAEMON_USER" "$CMD" "$@" -else - exec "$CMD" "$@" -fi diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/setup.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/setup.sh deleted file mode 100755 index e23ffa71c574..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/harbor-adapter-trivy/setup.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-adapter-trivy-env.sh - -# Create directories -for dir in "$SCANNER_TRIVY_CACHE_DIR" "$SCANNER_TRIVY_REPORTS_DIR"; do - ensure_dir_exists "$dir" - if am_i_root; then - chown -R "${SCANNER_TRIVY_DAEMON_USER}:${SCANNER_TRIVY_DAEMON_GROUP}" "$dir" - fi -done - -install_custom_certs diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-adapter-trivy/2/debian-11/tags-info.yaml b/bitnami/harbor-adapter-trivy/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-adapter-trivy/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-core/2/debian-11/Dockerfile b/bitnami/harbor-core/2/debian-11/Dockerfile deleted file mode 100644 index aaa404016e77..000000000000 --- a/bitnami/harbor-core/2/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:00:05Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r25" \ - org.opencontainers.image.title="harbor-core" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-9-linux-${OS_ARCH}-debian-11" \ - "harbor-core-2.10.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-core/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-core" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/harbor-core/bin:$PATH" - -VOLUME [ "/data", "/etc/core" ] - -EXPOSE 8080 - -WORKDIR /opt/bitnami/harbor-core -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-core/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-core/run.sh" ] diff --git a/bitnami/harbor-core/2/debian-11/config/core/app.conf b/bitnami/harbor-core/2/debian-11/config/core/app.conf deleted file mode 100644 index 6110364ca044..000000000000 --- a/bitnami/harbor-core/2/debian-11/config/core/app.conf +++ /dev/null @@ -1,6 +0,0 @@ -appname = Harbor -runmode = dev -enablegzip = true - -[dev] -httpport = 8080 diff --git a/bitnami/harbor-core/2/debian-11/config/core/private_key.pem b/bitnami/harbor-core/2/debian-11/config/core/private_key.pem deleted file mode 100644 index d2dc85dd1c0c..000000000000 --- a/bitnami/harbor-core/2/debian-11/config/core/private_key.pem +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAtpMvyv153iSmwm6TrFpUOzsIGBEDbGtOOEZMEm08D8IC2n1G -d6/XOZ5FxPAD6gIpE0EAcMojY5O0Hl4CDoyV3e/iKcBqFOgYtpogNtan7yT5J8gw -KsPbU/8nBkK75GOq56nfvq4t9GVAclIDtHbuvmlh6O2n+fxtR0M9LbuotbSBdXYU -hzXqiSsMclBvLyIk/z327VP5l0nUNOzPuKIwQjuxYKDkvq1oGy98oVlE6wl0ldh2 -ZYZLGAYbVhqBVUT1Un/PYqi9Nofa2RI5n1WOkUJQp87vb+PUPFhVOdvH/oAzV6/b -9dzyhA5paDM06lj2gsg9hQWxCgbFh1x39c6pSI8hmVe6x2d4tAtSyOm3Qwz+zO2l -bPDvkY8Svh5nxUYObrNreoO8wHr8MC6TGUQLnUt/RfdVKe5fYPFl6VYqJP/L3LDn -Xj771nFq6PKiYbhBwJw3TM49gpKNS/Of70TP2m7nVlyuyMdE5T1j3xyXNkixXqqn -JuSMqX/3Bmm0On9KEbemwn7KRYF/bqc50+RcGUdKNcOkN6vuMVZei4GbxALnVqac -s+/UQAiQP4212UO7iZFwMaCNJ3r/b4GOlyalI1yEA4odoZov7k5zVOzHu8O6QmCj -3R5TVOudpGiUh+lumRRpNqxDgjngLljvaWU6ttyIbjnAwCjnJoppZM2lkRkCAwEA -AQKCAgAvsvCPlf2a3fR7Y6xNISRUfS22K+u7DaXX6fXB8qv4afWY45Xfex89vG35 -78L2Bi55C0h0LztjrpkmPeVHq88TtrJduhl88M5UFpxH93jUb9JwZErBQX4xyb2G -UzUHjEqAT89W3+a9rR5TP74cDd59/MZJtp1mIF7keVqochi3sDsKVxkx4hIuWALe -csk5hTApRyUWCBRzRCSe1yfF0wnMpA/JcP+SGXfTcmqbNNlelo/Q/kaga59+3UmT -C0Wy41s8fIvP+MnGT2QLxkkrqYyfwrWTweqoTtuKEIHjpdnwUcoYJKfQ6jKp8aH0 -STyP5UIyFOKNuFjyh6ZfoPbuT1nGW+YKlUnK4hQ9N/GE0oMoecTaHTbqM+psQvbj -6+CG/1ukA5ZTQyogNyuOApArFBQ+RRmVudPKA3JYygIhwctuB2oItsVEOEZMELCn -g2aVFAVXGfGRDXvpa8oxs3Pc6RJEp/3tON6+w7cMCx0lwN/Jk2Ie6RgTzUycT3k6 -MoTQJRoO6/ZHcx3hTut/CfnrWiltyAUZOsefLuLg+Pwf9GHhOycLRI6gHfgSwdIV -S77UbbELWdscVr1EoPIasUm1uYWBBcFRTturRW+GHJ8TZX+mcWSBcWwBhp15LjEl -tJf+9U6lWMOSB2LvT+vFmR0M9q56fo7UeKFIR7mo7/GpiVu5AQKCAQEA6Qs7G9mw -N/JZOSeQO6xIQakC+sKApPyXO58fa7WQzri+l2UrLNp0DEQfZCujqDgwys6OOzR/ -xg8ZKQWVoad08Ind3ZwoJgnLn6QLENOcE6PpWxA/JjnVGP4JrXCYR98cP0sf9jEI -xkR1qT50GbeqU3RDFliI4kGRvbZ8cekzuWppfQcjstSBPdvuxqAcUVmTnTw83nvD -FmBbhlLiEgI3iKtJ97UB7480ivnWnOuusduk7FO4jF3hkrOa+YRidinTCi8JBo0Y -jx4Ci3Y5x6nvwkXhKzXapd7YmPNisUc5xA7/a+W71cyC0IKUwRc/8pYWLL3R3CpR -YiV8gf6gwzOckQKCAQEAyI9CSNoAQH4zpS8B9PF8zILqEEuun8m1f5JB3hQnfWzm -7uz/zg6I0TkcCE0AJVSKPHQm1V9+TRbF9+DiOWHEYYzPmK8h63SIufaWxZPqai4E -PUj6eQWykBUVJ96n6/AW0JHRZ+WrJ5RXBqCLuY7NP6wDhORrCJjBwaGMohNpbKPS -H3QewsoxCh+CEXKdKyy+/yU/f4E89PlHapkW1/bDJ5u7puSD+KvmiDDIXSBncdOO -uFT8n+XH5IwgjdXFSDim15rQ8jD2l2xLcwKboTpx5GeRl8oB1VGm0fUbBn1dvGPG -4WfHGyrp9VNZtP160WoHr+vRVPqvHNkoeAlCfEwQCQKCAQBN1dtzLN0HgqE8TrOE -ysEDdTCykj4nXNoiJr522hi4gsndhQPLolb6NdKKQW0S5Vmekyi8K4e1nhtYMS5N -5MFRCasZtmtOcR0af87WWucZRDjPmniNCunaxBZ1YFLsRl+H4E6Xir8UgY8O7PYY -FNkFsKIrl3x4nU/RHl8oKKyG9Dyxbq4Er6dPAuMYYiezIAkGjjUCVjHNindnQM2T -GDx2IEe/PSydV6ZD+LguhyU88FCAQmI0N7L8rZJIXmgIcWW0VAterceTHYHaFK2t -u1uB9pcDOKSDnA+Z3kiLT2/CxQOYhQ2clgbnH4YRi/Nm0awsW2X5dATklAKm5GXL -bLSRAoIBAQClaNnPQdTBXBR2IN3pSZ2XAkXPKMwdxvtk+phOc6raHA4eceLL7FrU -y9gd1HvRTfcwws8gXcDKDYU62gNaNhMELWEt2QsNqS/2x7Qzwbms1sTyUpUZaSSL -BohLOKyfv4ThgdIGcXoGi6Z2tcRnRqpq4BCK8uR/05TBgN5+8amaS0ZKYLfaCW4G -nlPk1fVgHWhtAChtnYZLuKg494fKmB7+NMfAbmmVlxjrq+gkPkxyqXvk9Vrg+V8y -VIuozu0Fkouv+GRpyw4ldtCHS1hV0eEK8ow2dwmqCMygDxm58X10mYn2b2PcOTl5 -9sNerUw1GNC8O66K+rGgBk4FKgXmg8kZAoIBABBcuisK250fXAfjAWXGqIMs2+Di -vqAdT041SNZEOJSGNFsLJbhd/3TtCLf29PN/YXtnvBmC37rqryTsqjSbx/YT2Jbr -Bk3jOr9JVbmcoSubXl8d/uzf7IGs91qaCgBwPZHgeH+kK13FCLexz+U9zYMZ78fF -/yO82CpoekT+rcl1jzYn43b6gIklHABQU1uCD6MMyMhJ9Op2WmbDk3X+py359jMc -+Cr2zfzdHAIVff2dOV3OL+ZHEWbwtnn3htKUdOmjoTJrciFx0xNZJS5Q7QYHMONj -yPqbajyhopiN01aBQpCSGF1F1uRpWeIjTrAZPbrwLl9YSYXz0AT05QeFEFk= ------END RSA PRIVATE KEY----- diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ac2430f6dcb3..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "harbor-core": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-5" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-core/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core-env.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core-env.sh deleted file mode 100644 index e5693bfd8352..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core-env.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-core - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-core}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export HARBOR_CORE_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor-core" -export HARBOR_CORE_VOLUME_DIR="/data" -export PATH="${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users -export HARBOR_CORE_DAEMON_USER="harbor" -export HARBOR_CORE_DAEMON_GROUP="harbor" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/entrypoint.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/entrypoint.sh deleted file mode 100755 index c5e1ce7ac353..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/entrypoint.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/harbor-core/run.sh" ]]; then - info "** Starting harbor-core setup **" - /opt/bitnami/scripts/harbor-core/setup.sh - info "** harbor-core setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/postunpack.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/postunpack.sh deleted file mode 100755 index c7730e852ae1..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/postunpack.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-core-env.sh - -ensure_user_exists "$HARBOR_CORE_DAEMON_USER" --group "$HARBOR_CORE_DAEMON_GROUP" - -# Ensure a set of directories exist and the non-root user has write privileges to them -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("/etc/core" "${HARBOR_CORE_VOLUME_DIR}/certificates" "${HARBOR_CORE_VOLUME_DIR}/ca_download" "${HARBOR_CORE_VOLUME_DIR}/psc") -for dir in "/etc/core" "/data"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$HARBOR_CORE_DAEMON_USER" "$dir" -done - -# Ensure permissions for Internal TLS -configure_permissions_system_certs - -# Add persisted configuration -ln -sf "${HARBOR_CORE_VOLUME_DIR}/certificates" /etc/core/certificates -ln -sf "${HARBOR_CORE_VOLUME_DIR}/ca_download" /etc/core/ca_download -ln -sf "${HARBOR_CORE_VOLUME_DIR}/psc" /etc/core/token diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/run.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/run.sh deleted file mode 100755 index 6ba67662e77a..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load harbor-core environment -. /opt/bitnami/scripts/harbor-core-env.sh - -CMD="$(command -v harbor_core)" - -cd "$HARBOR_CORE_BASE_DIR" - -info "** Starting harbor-core **" -if am_i_root; then - exec_as_user "$HARBOR_CORE_DAEMON_USER" "$CMD" "$@" -else - exec "$CMD" "$@" -fi diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/setup.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/setup.sh deleted file mode 100755 index c79e6e917baa..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/harbor-core/setup.sh +++ /dev/null @@ -1,107 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-core-env.sh - -# Auxiliar Functions - -######################## -# Retrieve a configuration setting value -# Arguments: -# $1 - key -# Returns: -# None -######################### -harbor_core_conf_get() { - local key="${1:?missing key}" - local runmode - local value - if [[ -f "/etc/core/app.conf" ]]; then - runmode="$(ini-file get "/etc/core/app.conf" --key "runmode" --section "")" - value="$(ini-file get "/etc/core/app.conf" --key "$key" --section "$runmode")" - echo "$value" - fi -} - -######################## -# Ensures a configuration setting is not empty -# Arguments: -# $1 - config_option -# Returns: -# None -######################### -not_empty_setting() { - local config_option="${1:?missing config_option}" - if [[ -z "$(harbor_core_conf_get "$config_option")" ]]; then - error "The configuration option \"$config_option\" must be set!" - exit 1 - fi -} - -######################## -# Ensures an environment_variable -# Arguments: -# $1 - env_var -# Returns: -# None -######################### -not_empty_env_var() { - local env_var="${1:?missing env_var}" - if [[ -z "${!env_var:-}" ]]; then - error "The environment variable \"$env_var\" must be set!" - exit 1 - fi -} - -######################## -# Validate Core settings -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_validate() { - info "Validating Core settings..." - - if [[ ! -f "/etc/core/key" ]]; then - info "The key was not mounted at \"/etc/core/key\". Will use environment variable \"CORE_KEY\" instead." - if [[ -n "${HARBOR_CORE_CFG_CORE_KEY:-}" && -z "${CORE_KEY:-}" ]]; then - # Hack to support VMs approach to initializing Harbor components - export CORE_KEY="$HARBOR_CORE_CFG_CORE_KEY" - fi - not_empty_env_var "CORE_KEY" - echo -n "$CORE_KEY" >/etc/core/key - fi - - if [[ ! -f "/etc/core/app.conf" ]]; then - error "No configuration file was detected. Please mount your configuration file at \"/etc/core/app.conf\"" - exit 1 - fi - - not_empty_setting "httpport" - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$(harbor_core_conf_get "httpport")"); then - error "An invalid port was specified: $err" - exit 1 - fi -} - -# Ensure harbor-core settings are valid -harbor_core_validate -install_custom_certs diff --git a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-core/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-core/2/debian-11/tags-info.yaml b/bitnami/harbor-core/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-core/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-exporter/2/debian-11/Dockerfile b/bitnami/harbor-exporter/2/debian-11/Dockerfile deleted file mode 100644 index 5504ab00c933..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:06:47Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r24" \ - org.opencontainers.image.title="harbor-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "harbor-exporter-2.10.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-exporter/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-exporter" \ - PATH="/opt/bitnami/harbor-exporter/bin:$PATH" - -EXPOSE 9090 - -WORKDIR /opt/bitnami/harbor-exporter -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-exporter/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-exporter/run.sh" ] diff --git a/bitnami/harbor-exporter/2/debian-11/config/core/app.conf b/bitnami/harbor-exporter/2/debian-11/config/core/app.conf deleted file mode 100644 index 6110364ca044..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/config/core/app.conf +++ /dev/null @@ -1,6 +0,0 @@ -appname = Harbor -runmode = dev -enablegzip = true - -[dev] -httpport = 8080 diff --git a/bitnami/harbor-exporter/2/debian-11/config/core/private_key.pem b/bitnami/harbor-exporter/2/debian-11/config/core/private_key.pem deleted file mode 100644 index d2dc85dd1c0c..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/config/core/private_key.pem +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAtpMvyv153iSmwm6TrFpUOzsIGBEDbGtOOEZMEm08D8IC2n1G -d6/XOZ5FxPAD6gIpE0EAcMojY5O0Hl4CDoyV3e/iKcBqFOgYtpogNtan7yT5J8gw -KsPbU/8nBkK75GOq56nfvq4t9GVAclIDtHbuvmlh6O2n+fxtR0M9LbuotbSBdXYU -hzXqiSsMclBvLyIk/z327VP5l0nUNOzPuKIwQjuxYKDkvq1oGy98oVlE6wl0ldh2 -ZYZLGAYbVhqBVUT1Un/PYqi9Nofa2RI5n1WOkUJQp87vb+PUPFhVOdvH/oAzV6/b -9dzyhA5paDM06lj2gsg9hQWxCgbFh1x39c6pSI8hmVe6x2d4tAtSyOm3Qwz+zO2l -bPDvkY8Svh5nxUYObrNreoO8wHr8MC6TGUQLnUt/RfdVKe5fYPFl6VYqJP/L3LDn -Xj771nFq6PKiYbhBwJw3TM49gpKNS/Of70TP2m7nVlyuyMdE5T1j3xyXNkixXqqn -JuSMqX/3Bmm0On9KEbemwn7KRYF/bqc50+RcGUdKNcOkN6vuMVZei4GbxALnVqac -s+/UQAiQP4212UO7iZFwMaCNJ3r/b4GOlyalI1yEA4odoZov7k5zVOzHu8O6QmCj -3R5TVOudpGiUh+lumRRpNqxDgjngLljvaWU6ttyIbjnAwCjnJoppZM2lkRkCAwEA -AQKCAgAvsvCPlf2a3fR7Y6xNISRUfS22K+u7DaXX6fXB8qv4afWY45Xfex89vG35 -78L2Bi55C0h0LztjrpkmPeVHq88TtrJduhl88M5UFpxH93jUb9JwZErBQX4xyb2G -UzUHjEqAT89W3+a9rR5TP74cDd59/MZJtp1mIF7keVqochi3sDsKVxkx4hIuWALe -csk5hTApRyUWCBRzRCSe1yfF0wnMpA/JcP+SGXfTcmqbNNlelo/Q/kaga59+3UmT -C0Wy41s8fIvP+MnGT2QLxkkrqYyfwrWTweqoTtuKEIHjpdnwUcoYJKfQ6jKp8aH0 -STyP5UIyFOKNuFjyh6ZfoPbuT1nGW+YKlUnK4hQ9N/GE0oMoecTaHTbqM+psQvbj -6+CG/1ukA5ZTQyogNyuOApArFBQ+RRmVudPKA3JYygIhwctuB2oItsVEOEZMELCn -g2aVFAVXGfGRDXvpa8oxs3Pc6RJEp/3tON6+w7cMCx0lwN/Jk2Ie6RgTzUycT3k6 -MoTQJRoO6/ZHcx3hTut/CfnrWiltyAUZOsefLuLg+Pwf9GHhOycLRI6gHfgSwdIV -S77UbbELWdscVr1EoPIasUm1uYWBBcFRTturRW+GHJ8TZX+mcWSBcWwBhp15LjEl -tJf+9U6lWMOSB2LvT+vFmR0M9q56fo7UeKFIR7mo7/GpiVu5AQKCAQEA6Qs7G9mw -N/JZOSeQO6xIQakC+sKApPyXO58fa7WQzri+l2UrLNp0DEQfZCujqDgwys6OOzR/ -xg8ZKQWVoad08Ind3ZwoJgnLn6QLENOcE6PpWxA/JjnVGP4JrXCYR98cP0sf9jEI -xkR1qT50GbeqU3RDFliI4kGRvbZ8cekzuWppfQcjstSBPdvuxqAcUVmTnTw83nvD -FmBbhlLiEgI3iKtJ97UB7480ivnWnOuusduk7FO4jF3hkrOa+YRidinTCi8JBo0Y -jx4Ci3Y5x6nvwkXhKzXapd7YmPNisUc5xA7/a+W71cyC0IKUwRc/8pYWLL3R3CpR -YiV8gf6gwzOckQKCAQEAyI9CSNoAQH4zpS8B9PF8zILqEEuun8m1f5JB3hQnfWzm -7uz/zg6I0TkcCE0AJVSKPHQm1V9+TRbF9+DiOWHEYYzPmK8h63SIufaWxZPqai4E -PUj6eQWykBUVJ96n6/AW0JHRZ+WrJ5RXBqCLuY7NP6wDhORrCJjBwaGMohNpbKPS -H3QewsoxCh+CEXKdKyy+/yU/f4E89PlHapkW1/bDJ5u7puSD+KvmiDDIXSBncdOO -uFT8n+XH5IwgjdXFSDim15rQ8jD2l2xLcwKboTpx5GeRl8oB1VGm0fUbBn1dvGPG -4WfHGyrp9VNZtP160WoHr+vRVPqvHNkoeAlCfEwQCQKCAQBN1dtzLN0HgqE8TrOE -ysEDdTCykj4nXNoiJr522hi4gsndhQPLolb6NdKKQW0S5Vmekyi8K4e1nhtYMS5N -5MFRCasZtmtOcR0af87WWucZRDjPmniNCunaxBZ1YFLsRl+H4E6Xir8UgY8O7PYY -FNkFsKIrl3x4nU/RHl8oKKyG9Dyxbq4Er6dPAuMYYiezIAkGjjUCVjHNindnQM2T -GDx2IEe/PSydV6ZD+LguhyU88FCAQmI0N7L8rZJIXmgIcWW0VAterceTHYHaFK2t -u1uB9pcDOKSDnA+Z3kiLT2/CxQOYhQ2clgbnH4YRi/Nm0awsW2X5dATklAKm5GXL -bLSRAoIBAQClaNnPQdTBXBR2IN3pSZ2XAkXPKMwdxvtk+phOc6raHA4eceLL7FrU -y9gd1HvRTfcwws8gXcDKDYU62gNaNhMELWEt2QsNqS/2x7Qzwbms1sTyUpUZaSSL -BohLOKyfv4ThgdIGcXoGi6Z2tcRnRqpq4BCK8uR/05TBgN5+8amaS0ZKYLfaCW4G -nlPk1fVgHWhtAChtnYZLuKg494fKmB7+NMfAbmmVlxjrq+gkPkxyqXvk9Vrg+V8y -VIuozu0Fkouv+GRpyw4ldtCHS1hV0eEK8ow2dwmqCMygDxm58X10mYn2b2PcOTl5 -9sNerUw1GNC8O66K+rGgBk4FKgXmg8kZAoIBABBcuisK250fXAfjAWXGqIMs2+Di -vqAdT041SNZEOJSGNFsLJbhd/3TtCLf29PN/YXtnvBmC37rqryTsqjSbx/YT2Jbr -Bk3jOr9JVbmcoSubXl8d/uzf7IGs91qaCgBwPZHgeH+kK13FCLexz+U9zYMZ78fF -/yO82CpoekT+rcl1jzYn43b6gIklHABQU1uCD6MMyMhJ9Op2WmbDk3X+py359jMc -+Cr2zfzdHAIVff2dOV3OL+ZHEWbwtnn3htKUdOmjoTJrciFx0xNZJS5Q7QYHMONj -yPqbajyhopiN01aBQpCSGF1F1uRpWeIjTrAZPbrwLl9YSYXz0AT05QeFEFk= ------END RSA PRIVATE KEY----- diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6696036604ca..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "harbor-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-5" - } -} \ No newline at end of file diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter-env.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter-env.sh deleted file mode 100644 index 80d2ced41629..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter-env.sh +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-exporter - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-exporter}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -harbor_exporter_env_vars=( - HARBOR_EXPORTER_BASE_DIR - HARBOR_DATABASE_HOST - HARBOR_DATABASE_PORT - HARBOR_DATABASE_USERNAME - HARBOR_DATABASE_PASSWORD - HARBOR_DATABASE_DBNAME - HARBOR_DATABASE_SSLMODE - HARBOR_SERVICE_SCHEME - HARBOR_SERVICE_HOST - HARBOR_SERVICE_PORT - HARBOR_REDIS_URL - HARBOR_REDIS_NAMESPACE - HARBOR_REDIS_TIMEOUT - HARBOR_EXPORTER_PORT - HARBOR_EXPORTER_METRICS_PATH -) -for env_var in "${harbor_exporter_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset harbor_exporter_env_vars - -# Paths -export HARBOR_EXPORTER_BASE_DIR="${HARBOR_EXPORTER_BASE_DIR:-${BITNAMI_ROOT_DIR}/harbor-exporter}" - -# System users -export HARBOR_EXPORTER_DAEMON_USER="harbor" -export HARBOR_EXPORTER_DAEMON_GROUP="harbor" - -# Core Database Config -export HARBOR_DATABASE_HOST="${HARBOR_DATABASE_HOST:-}" -export HARBOR_DATABASE_PORT="${HARBOR_DATABASE_PORT:-5432}" -export HARBOR_DATABASE_USERNAME="${HARBOR_DATABASE_USERNAME:-}" -export HARBOR_DATABASE_PASSWORD="${HARBOR_DATABASE_PASSWORD:-}" -export HARBOR_DATABASE_DBNAME="${HARBOR_DATABASE_DBNAME:-}" -export HARBOR_DATABASE_SSLMODE="${HARBOR_DATABASE_SSLMODE:-disable}" - -# Core Service Config -export HARBOR_SERVICE_SCHEME="${HARBOR_SERVICE_SCHEME:-http}" -export HARBOR_SERVICE_HOST="${HARBOR_SERVICE_HOST:-core}" -export HARBOR_SERVICE_PORT="${HARBOR_SERVICE_PORT:-8080}" - -# Job Service Redis Config -export HARBOR_REDIS_URL="${HARBOR_REDIS_URL:-}" -export HARBOR_REDIS_NAMESPACE="${HARBOR_REDIS_NAMESPACE:-harbor_job_service_namespace}" -export HARBOR_REDIS_TIMEOUT="${HARBOR_REDIS_TIMEOUT:-3600}" - -# Exporter Config -export HARBOR_EXPORTER_PORT="${HARBOR_EXPORTER_PORT:-9090}" -export HARBOR_EXPORTER_METRICS_PATH="${HARBOR_EXPORTER_METRICS_PATH:-/metrics}" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/entrypoint.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/entrypoint.sh deleted file mode 100755 index 3bddd3417219..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libharbor.sh -. /opt/bitnami/scripts/libharborexporter.sh - -# Load environment -. /opt/bitnami/scripts/harbor-exporter-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/harbor-exporter/run.sh" ]]; then - info "** Starting harbor-exporter setup **" - install_custom_certs - info "** harbor-exporter setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/postunpack.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/postunpack.sh deleted file mode 100755 index 00f59e130d62..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/postunpack.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh -. /opt/bitnami/scripts/libharborexporter.sh - -# Load environment -. /opt/bitnami/scripts/harbor-exporter-env.sh - -ensure_user_exists "$HARBOR_EXPORTER_DAEMON_USER" --group "$HARBOR_EXPORTER_DAEMON_GROUP" - -# Ensure a set of directories exist and the non-root user has write privileges to them -# Give execution permissions to /var/log to ensure harbor can access the child folder -chmod +x /var/log -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("/var/log/jobs") -for dir in "${directories[@]}"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$HARBOR_EXPORTER_DAEMON_USER" "$dir" -done - -# Ensure permissions for Internal TLS -configure_permissions_system_certs diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/run.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/run.sh deleted file mode 100755 index 760ab1c9de39..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/harbor-exporter/run.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libharbor.sh -. /opt/bitnami/scripts/libharborexporter.sh - -# Load harbor-exporter environment -. /opt/bitnami/scripts/harbor-exporter-env.sh - -CMD="$(command -v harbor_exporter)" - -harbor_exporter_validate -info "** Wait for database connection **" -wait_for_connection "$HARBOR_DATABASE_HOST" "$HARBOR_DATABASE_PORT" -info "** Starting harbor-exporter **" -if am_i_root; then - exec_as_user "$HARBOR_EXPORTER_DAEMON_USER" "$CMD" "$@" -else - exec "$CMD" "$@" -fi diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharborexporter.sh b/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharborexporter.sh deleted file mode 100644 index 77f8c861f76b..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/rootfs/opt/bitnami/scripts/libharborexporter.sh +++ /dev/null @@ -1,153 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -####################### -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -wait_for_connection() { - local -r host="${1:?missing database host}" - local -r port="${2:?missing database port}" - check_connection() { - (echo > /dev/tcp/"$host"/"$port") >/dev/null 2>&1 - } - if ! retry_while "check_connection"; then - error "Could not connect to the ${host}:${port}" - return 1 - fi -} - -harbor_exporter_validate() { - debug "Validating settings in HARBOR_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_not_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - local mandatory=( - "HARBOR_DATABASE_DBNAME" - "HARBOR_DATABASE_HOST" - "HARBOR_DATABASE_USERNAME" - "HARBOR_DATABASE_SSLMODE" - "HARBOR_REDIS_NAMESPACE" - "HARBOR_REDIS_URL" - "HARBOR_SERVICE_HOST" - ) - - for parameter in "${mandatory[@]}"; do - check_not_empty_value "$parameter" - done - - check_resolved_hostname "$HARBOR_DATABASE_HOST" - check_valid_port "HARBOR_DATABASE_PORT" - - check_multi_value "HARBOR_SERVICE_SCHEME" "http https" - check_resolved_hostname "$HARBOR_SERVICE_HOST" - check_valid_port "HARBOR_SERVICE_PORT" - - check_resolved_hostname "$(parse_uri "$HARBOR_REDIS_URL" "host")" - - check_valid_port "HARBOR_EXPORTER_PORT" - - return "$error_code" -} - -######################## -# Print harbor-exporter runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_exporter_print_env() { - for var in "${!HARBOR_EXPORTER_CFG_@}"; do - echo "${var/HARBOR_EXPORTER_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-exporter is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_exporter_running() { - # harbor-exporter does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "harbor_exporter" > "$HARBOR_EXPORTER_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_EXPORTER_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-exporter is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_exporter_not_running() { - ! is_harbor_exporter_running -} - -######################## -# Stop harbor-exporter -# Arguments: -# None -# Returns: -# None -######################### -harbor_exporter_stop() { - ! is_harbor_exporter_running && return - stop_service_using_pid "$HARBOR_EXPORTER_PID_FILE" -} diff --git a/bitnami/harbor-exporter/2/debian-11/tags-info.yaml b/bitnami/harbor-exporter/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-exporter/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-jobservice/2/debian-11/Dockerfile b/bitnami/harbor-jobservice/2/debian-11/Dockerfile deleted file mode 100644 index 383d6099ea10..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:10:34Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r26" \ - org.opencontainers.image.title="harbor-jobservice" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "harbor-jobservice-2.10.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-jobservice/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-jobservice" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/harbor-jobservice/bin:$PATH" - -VOLUME [ "/etc/jobservice", "/var/log/jobs" ] - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-jobservice/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-jobservice/run.sh" ] diff --git a/bitnami/harbor-jobservice/2/debian-11/config/jobservice/config.yml b/bitnami/harbor-jobservice/2/debian-11/config/jobservice/config.yml deleted file mode 100644 index a575ce71ffea..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/config/jobservice/config.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -#Protocol used to serve -protocol: "http" - -#Config certification if use 'https' protocol -#https_config: -# cert: "server.crt" -# key: "server.key" - -#Server listening port -port: 8080 - -#Worker pool -worker_pool: - #Worker concurrency - workers: 10 - backend: "redis" - #Additional config if use 'redis' backend - redis_pool: - #redis://[arbitrary_username:password@]ipaddress:port/database_index - redis_url: redis://redis:6379/2 - namespace: "harbor_job_service_namespace" -#Loggers for the running job -job_loggers: - - name: "STD_OUTPUT" # logger backend name, only support "FILE" and "STD_OUTPUT" - level: "INFO" # INFO/DEBUG/WARNING/ERROR/FATAL - - name: "FILE" - level: "INFO" - settings: # Customized settings of logger - base_dir: "/var/log/jobs" - sweeper: - duration: 1 #days - settings: # Customized settings of sweeper - work_dir: "/var/log/jobs" - -#Loggers for the job service -loggers: - - name: "STD_OUTPUT" # Same with above - level: "INFO" -#Admin server endpoint -admin_server: "http://adminserver:8080/" diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 36361676edb5..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "harbor-jobservice": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-5" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice-env.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice-env.sh deleted file mode 100644 index 15fd0b912bd7..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice-env.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-jobservice - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-jobservice}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export HARBOR_JOBSERVICE_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor-jobservice" -export PATH="${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users -export HARBOR_JOBSERVICE_DAEMON_USER="harbor" -export HARBOR_JOBSERVICE_DAEMON_GROUP="harbor" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/entrypoint.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/entrypoint.sh deleted file mode 100755 index ed373d6af0b8..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/entrypoint.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/harbor-jobservice/run.sh" ]]; then - info "** Starting harbor-jobservice setup **" - /opt/bitnami/scripts/harbor-jobservice/setup.sh - info "** harbor-jobservice setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/postunpack.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/postunpack.sh deleted file mode 100755 index 8f317c498128..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-jobservice-env.sh - -ensure_user_exists "$HARBOR_JOBSERVICE_DAEMON_USER" --group "$HARBOR_JOBSERVICE_DAEMON_GROUP" - -# Ensure a set of directories exist and the non-root user has write privileges to them -# Give execution permissions to /var/log to ensure harbor can access the child folder -chmod +x /var/log -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("/var/log/jobs") -for dir in "${directories[@]}"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$HARBOR_JOBSERVICE_DAEMON_USER" "$dir" -done - -ensure_dir_exists "/etc/jobservice" - -# Ensure permissions for Internal TLS -configure_permissions_system_certs diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/run.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/run.sh deleted file mode 100755 index eaf782ed9e2a..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/run.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load harbor-jobservice environment -. /opt/bitnami/scripts/harbor-jobservice-env.sh - -CMD="$(command -v harbor_jobservice)" -FLAGS=("-c" "/etc/jobservice/config.yml" "$@") - -cd "$HARBOR_JOBSERVICE_BASE_DIR" - -info "** Starting harbor-jobservice **" -if am_i_root; then - exec_as_user "$HARBOR_JOBSERVICE_DAEMON_USER" "$CMD" "${FLAGS[@]}" -else - exec "$CMD" "${FLAGS[@]}" -fi diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/setup.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/setup.sh deleted file mode 100755 index 5c28a0bbdfe2..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/harbor-jobservice/setup.sh +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-jobservice-env.sh - -# Auxiliar Functions - -######################## -# Retrieve a configuration setting value -# Arguments: -# $1 - key -# Returns: -# None -######################### -harbor_jobservice_conf_get() { - local key="${1:?missing key}" - local value - if [[ -f "/etc/jobservice/config.yml" ]]; then - value="$(yq eval ".${key}" "/etc/jobservice/config.yml")" - if [[ "$value" != "null" ]]; then - echo "$value" - fi - fi -} - -######################## -# Ensures a configuration setting is not empty -# Arguments: -# $1 - env_var -# $2 - config_option -# Returns: -# None -######################### -not_empty_setting() { - local env_var="${1:?missing env_var}" - local config_option="${2:?missing config_option}" - if [[ -z "${!env_var:-$(harbor_jobservice_conf_get "$config_option")}" ]]; then - error "The environment variable \"$env_var\" or the configuration option \"$config_option\" must be set!" - exit 1 - fi -} - -######################## -# Ensures an environment_variable -# Arguments: -# $1 - env_var -# Returns: -# None -######################### -not_empty_env_var() { - local env_var="${1:?missing env_var}" - if [[ -z "${!env_var:-}" ]]; then - error "The environment variable \"$env_var\" must be set!" - exit 1 - fi -} - -######################## -# Validate harbor-jobservice settings -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_validate() { - info "Validating harbor-jobservice settings..." - - if [[ ! -f "/etc/jobservice/config.yml" ]]; then - error "No configuration file was detected. Please mount your configuration file at \"/etc/jobservice/config.yml\"" - exit 1 - fi - - not_empty_setting "JOB_SERVICE_PROTOCOL" "protocol" - not_empty_setting "JOB_SERVICE_PORT" "port" - not_empty_setting "JOB_SERVICE_POOL_WORKERS" "worker_pool.workers" - not_empty_setting "JOB_SERVICE_POOL_BACKEND" "worker_pool.backend" - - if [[ "${JOB_SERVICE_PROTOCOL:-$(harbor_jobservice_conf_get "protocol")}" != "http" ]] && - [[ "${JOB_SERVICE_PROTOCOL:-$(harbor_jobservice_conf_get "protocol")}" != "https" ]]; then - error "Protocol must be \"http\" or \"https\"!" - exit 1 - fi - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "${JOB_SERVICE_PORT:-$(harbor_jobservice_conf_get "port")}"); then - error "An invalid port was specified: $err" - exit 1 - fi -} - - -######################## -# Check if harbor-core API is reported as healthy -# Globals: -# CORE_URL -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_ready() { - if [[ -n "${HARBOR_JOBSERVICE_CFG_CORE_URL:-}" && -z "${CORE_URL:-}" ]]; then - # Hack to support VMs approach to initializing Harbor components - export CORE_URL="$HARBOR_JOBSERVICE_CFG_CORE_URL" - fi - not_empty_env_var "CORE_URL" - - local -r status="$(yq eval '.components[]|select(.name == "core").status' - <<<"$(curl -s "${CORE_URL}/api/v2.0/health")")" - [[ "$status" = "healthy" ]] -} - -######################## -# Waits for harbor-core to be ready -# Times out after 60 seconds -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################## -wait_for_harbor_core() { - info "Waiting for harbor-core to be started and ready" - if ! retry_while "is_harbor_core_ready"; then - error "Timeout waiting for harbor-core to be available" - return 1 - fi -} - -# Ensure harbor-jobservice settings are valid -harbor_jobservice_validate -install_custom_certs -wait_for_harbor_core diff --git a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-jobservice/2/debian-11/tags-info.yaml b/bitnami/harbor-jobservice/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-jobservice/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-portal/2/debian-11/Dockerfile b/bitnami/harbor-portal/2/debian-11/Dockerfile deleted file mode 100644 index b2d3fc601e7b..000000000000 --- a/bitnami/harbor-portal/2/debian-11/Dockerfile +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:28:03Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r23" \ - org.opencontainers.image.title="harbor-portal" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "nginx-1.25.4-0-linux-${OS_ARCH}-debian-11" \ - "harbor-2.10.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -sf /dev/stdout /opt/bitnami/nginx/logs/access.log -RUN ln -sf /dev/stderr /opt/bitnami/nginx/logs/error.log - -COPY rootfs / -RUN /opt/bitnami/scripts/nginx/postunpack.sh -RUN /opt/bitnami/scripts/harbor-portal/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-portal" \ - NGINX_HTTPS_PORT_NUMBER="" \ - NGINX_HTTP_PORT_NUMBER="" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/nginx/sbin:$PATH" - -EXPOSE 8080 8443 - -WORKDIR /opt/bitnami/harbor -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-portal/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/nginx/run.sh" ] diff --git a/bitnami/harbor-portal/2/debian-11/config/core/app.conf b/bitnami/harbor-portal/2/debian-11/config/core/app.conf deleted file mode 100644 index 6110364ca044..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/core/app.conf +++ /dev/null @@ -1,6 +0,0 @@ -appname = Harbor -runmode = dev -enablegzip = true - -[dev] -httpport = 8080 diff --git a/bitnami/harbor-portal/2/debian-11/config/core/private_key.pem b/bitnami/harbor-portal/2/debian-11/config/core/private_key.pem deleted file mode 100644 index d2dc85dd1c0c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/core/private_key.pem +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAtpMvyv153iSmwm6TrFpUOzsIGBEDbGtOOEZMEm08D8IC2n1G -d6/XOZ5FxPAD6gIpE0EAcMojY5O0Hl4CDoyV3e/iKcBqFOgYtpogNtan7yT5J8gw -KsPbU/8nBkK75GOq56nfvq4t9GVAclIDtHbuvmlh6O2n+fxtR0M9LbuotbSBdXYU -hzXqiSsMclBvLyIk/z327VP5l0nUNOzPuKIwQjuxYKDkvq1oGy98oVlE6wl0ldh2 -ZYZLGAYbVhqBVUT1Un/PYqi9Nofa2RI5n1WOkUJQp87vb+PUPFhVOdvH/oAzV6/b -9dzyhA5paDM06lj2gsg9hQWxCgbFh1x39c6pSI8hmVe6x2d4tAtSyOm3Qwz+zO2l -bPDvkY8Svh5nxUYObrNreoO8wHr8MC6TGUQLnUt/RfdVKe5fYPFl6VYqJP/L3LDn -Xj771nFq6PKiYbhBwJw3TM49gpKNS/Of70TP2m7nVlyuyMdE5T1j3xyXNkixXqqn -JuSMqX/3Bmm0On9KEbemwn7KRYF/bqc50+RcGUdKNcOkN6vuMVZei4GbxALnVqac -s+/UQAiQP4212UO7iZFwMaCNJ3r/b4GOlyalI1yEA4odoZov7k5zVOzHu8O6QmCj -3R5TVOudpGiUh+lumRRpNqxDgjngLljvaWU6ttyIbjnAwCjnJoppZM2lkRkCAwEA -AQKCAgAvsvCPlf2a3fR7Y6xNISRUfS22K+u7DaXX6fXB8qv4afWY45Xfex89vG35 -78L2Bi55C0h0LztjrpkmPeVHq88TtrJduhl88M5UFpxH93jUb9JwZErBQX4xyb2G -UzUHjEqAT89W3+a9rR5TP74cDd59/MZJtp1mIF7keVqochi3sDsKVxkx4hIuWALe -csk5hTApRyUWCBRzRCSe1yfF0wnMpA/JcP+SGXfTcmqbNNlelo/Q/kaga59+3UmT -C0Wy41s8fIvP+MnGT2QLxkkrqYyfwrWTweqoTtuKEIHjpdnwUcoYJKfQ6jKp8aH0 -STyP5UIyFOKNuFjyh6ZfoPbuT1nGW+YKlUnK4hQ9N/GE0oMoecTaHTbqM+psQvbj -6+CG/1ukA5ZTQyogNyuOApArFBQ+RRmVudPKA3JYygIhwctuB2oItsVEOEZMELCn -g2aVFAVXGfGRDXvpa8oxs3Pc6RJEp/3tON6+w7cMCx0lwN/Jk2Ie6RgTzUycT3k6 -MoTQJRoO6/ZHcx3hTut/CfnrWiltyAUZOsefLuLg+Pwf9GHhOycLRI6gHfgSwdIV -S77UbbELWdscVr1EoPIasUm1uYWBBcFRTturRW+GHJ8TZX+mcWSBcWwBhp15LjEl -tJf+9U6lWMOSB2LvT+vFmR0M9q56fo7UeKFIR7mo7/GpiVu5AQKCAQEA6Qs7G9mw -N/JZOSeQO6xIQakC+sKApPyXO58fa7WQzri+l2UrLNp0DEQfZCujqDgwys6OOzR/ -xg8ZKQWVoad08Ind3ZwoJgnLn6QLENOcE6PpWxA/JjnVGP4JrXCYR98cP0sf9jEI -xkR1qT50GbeqU3RDFliI4kGRvbZ8cekzuWppfQcjstSBPdvuxqAcUVmTnTw83nvD -FmBbhlLiEgI3iKtJ97UB7480ivnWnOuusduk7FO4jF3hkrOa+YRidinTCi8JBo0Y -jx4Ci3Y5x6nvwkXhKzXapd7YmPNisUc5xA7/a+W71cyC0IKUwRc/8pYWLL3R3CpR -YiV8gf6gwzOckQKCAQEAyI9CSNoAQH4zpS8B9PF8zILqEEuun8m1f5JB3hQnfWzm -7uz/zg6I0TkcCE0AJVSKPHQm1V9+TRbF9+DiOWHEYYzPmK8h63SIufaWxZPqai4E -PUj6eQWykBUVJ96n6/AW0JHRZ+WrJ5RXBqCLuY7NP6wDhORrCJjBwaGMohNpbKPS -H3QewsoxCh+CEXKdKyy+/yU/f4E89PlHapkW1/bDJ5u7puSD+KvmiDDIXSBncdOO -uFT8n+XH5IwgjdXFSDim15rQ8jD2l2xLcwKboTpx5GeRl8oB1VGm0fUbBn1dvGPG -4WfHGyrp9VNZtP160WoHr+vRVPqvHNkoeAlCfEwQCQKCAQBN1dtzLN0HgqE8TrOE -ysEDdTCykj4nXNoiJr522hi4gsndhQPLolb6NdKKQW0S5Vmekyi8K4e1nhtYMS5N -5MFRCasZtmtOcR0af87WWucZRDjPmniNCunaxBZ1YFLsRl+H4E6Xir8UgY8O7PYY -FNkFsKIrl3x4nU/RHl8oKKyG9Dyxbq4Er6dPAuMYYiezIAkGjjUCVjHNindnQM2T -GDx2IEe/PSydV6ZD+LguhyU88FCAQmI0N7L8rZJIXmgIcWW0VAterceTHYHaFK2t -u1uB9pcDOKSDnA+Z3kiLT2/CxQOYhQ2clgbnH4YRi/Nm0awsW2X5dATklAKm5GXL -bLSRAoIBAQClaNnPQdTBXBR2IN3pSZ2XAkXPKMwdxvtk+phOc6raHA4eceLL7FrU -y9gd1HvRTfcwws8gXcDKDYU62gNaNhMELWEt2QsNqS/2x7Qzwbms1sTyUpUZaSSL -BohLOKyfv4ThgdIGcXoGi6Z2tcRnRqpq4BCK8uR/05TBgN5+8amaS0ZKYLfaCW4G -nlPk1fVgHWhtAChtnYZLuKg494fKmB7+NMfAbmmVlxjrq+gkPkxyqXvk9Vrg+V8y -VIuozu0Fkouv+GRpyw4ldtCHS1hV0eEK8ow2dwmqCMygDxm58X10mYn2b2PcOTl5 -9sNerUw1GNC8O66K+rGgBk4FKgXmg8kZAoIBABBcuisK250fXAfjAWXGqIMs2+Di -vqAdT041SNZEOJSGNFsLJbhd/3TtCLf29PN/YXtnvBmC37rqryTsqjSbx/YT2Jbr -Bk3jOr9JVbmcoSubXl8d/uzf7IGs91qaCgBwPZHgeH+kK13FCLexz+U9zYMZ78fF -/yO82CpoekT+rcl1jzYn43b6gIklHABQU1uCD6MMyMhJ9Op2WmbDk3X+py359jMc -+Cr2zfzdHAIVff2dOV3OL+ZHEWbwtnn3htKUdOmjoTJrciFx0xNZJS5Q7QYHMONj -yPqbajyhopiN01aBQpCSGF1F1uRpWeIjTrAZPbrwLl9YSYXz0AT05QeFEFk= ------END RSA PRIVATE KEY----- diff --git a/bitnami/harbor-portal/2/debian-11/config/jobservice/config.yml b/bitnami/harbor-portal/2/debian-11/config/jobservice/config.yml deleted file mode 100644 index a575ce71ffea..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/jobservice/config.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -#Protocol used to serve -protocol: "http" - -#Config certification if use 'https' protocol -#https_config: -# cert: "server.crt" -# key: "server.key" - -#Server listening port -port: 8080 - -#Worker pool -worker_pool: - #Worker concurrency - workers: 10 - backend: "redis" - #Additional config if use 'redis' backend - redis_pool: - #redis://[arbitrary_username:password@]ipaddress:port/database_index - redis_url: redis://redis:6379/2 - namespace: "harbor_job_service_namespace" -#Loggers for the running job -job_loggers: - - name: "STD_OUTPUT" # logger backend name, only support "FILE" and "STD_OUTPUT" - level: "INFO" # INFO/DEBUG/WARNING/ERROR/FATAL - - name: "FILE" - level: "INFO" - settings: # Customized settings of logger - base_dir: "/var/log/jobs" - sweeper: - duration: 1 #days - settings: # Customized settings of sweeper - work_dir: "/var/log/jobs" - -#Loggers for the job service -loggers: - - name: "STD_OUTPUT" # Same with above - level: "INFO" -#Admin server endpoint -admin_server: "http://adminserver:8080/" diff --git a/bitnami/harbor-portal/2/debian-11/config/proxy/nginx.conf b/bitnami/harbor-portal/2/debian-11/config/proxy/nginx.conf deleted file mode 100644 index 833c54cf4985..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/proxy/nginx.conf +++ /dev/null @@ -1,130 +0,0 @@ -worker_processes auto; -error_log "/opt/bitnami/nginx/logs/error.log"; -pid "/opt/bitnami/nginx/tmp/nginx.pid"; - -events { - worker_connections 1024; - use epoll; - multi_accept on; -} - -http { - tcp_nodelay on; - - # this is necessary for us to be able to disable request buffering in all cases - proxy_http_version 1.1; - - upstream core { - server core:8080; - } - - upstream portal { - server portal:8080; - } - - log_format timed_combined '$remote_addr - ' - '"$request" $status $body_bytes_sent ' - '"$http_referer" "$http_user_agent" ' - '$request_time $upstream_response_time $pipe'; - - client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2; - proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2; - fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2; - scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2; - uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2; - - server { - listen 8080; - server_tokens off; - # disable any limits to avoid HTTP 413 for large image uploads - client_max_body_size 0; - - # costumized location config file can place to /opt/bitnami/nginx/conf with prefix harbor.http. and suffix .conf - include /opt/bitnami/conf/nginx/conf.d/harbor.http.*.conf; - - location / { - proxy_pass http://portal/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_buffering off; - proxy_request_buffering off; - } - - location /c/ { - proxy_pass http://core/c/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_buffering off; - proxy_request_buffering off; - } - - location /api/ { - proxy_pass http://core/api/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_buffering off; - proxy_request_buffering off; - } - - location /chartrepo/ { - proxy_pass http://core/chartrepo/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_buffering off; - proxy_request_buffering off; - } - - location /v1/ { - return 404; - } - - location /v2/ { - proxy_pass http://core/v2/; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - proxy_buffering off; - proxy_request_buffering off; - } - - location /service/ { - proxy_pass http://core/service/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings. - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_buffering off; - proxy_request_buffering off; - } - - location /service/notifications { - return 404; - } - } -} diff --git a/bitnami/harbor-portal/2/debian-11/config/registry/config.yml b/bitnami/harbor-portal/2/debian-11/config/registry/config.yml deleted file mode 100644 index e4e99a79e55c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/registry/config.yml +++ /dev/null @@ -1,36 +0,0 @@ -version: 0.1 -log: - level: info - fields: - service: registry -storage: - cache: - layerinfo: redis - filesystem: - rootdirectory: /storage - maintenance: - uploadpurging: - enabled: false - delete: - enabled: true -redis: - addr: redis:6379 - password: - db: 1 -http: - addr: :5000 - secret: placeholder - debug: - addr: localhost:5001 -auth: - htpasswd: - realm: harbor-registry-basic-realm - path: /etc/registry/passwd -notifications: - endpoints: - - name: harbor - disabled: false - url: http://core:8080/service/notifications - timeout: 3000ms - threshold: 5 - backoff: 1s diff --git a/bitnami/harbor-portal/2/debian-11/config/registry/passwd b/bitnami/harbor-portal/2/debian-11/config/registry/passwd deleted file mode 100644 index bec5ef97dc00..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/registry/passwd +++ /dev/null @@ -1 +0,0 @@ -harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m \ No newline at end of file diff --git a/bitnami/harbor-portal/2/debian-11/config/registry/root.crt b/bitnami/harbor-portal/2/debian-11/config/registry/root.crt deleted file mode 100644 index c31b27de66d6..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/registry/root.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGBzCCA++gAwIBAgIJAKB8CNqCxhr7MA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD -VQQGEwJDTjEOMAwGA1UECAwFU3RhdGUxCzAJBgNVBAcMAkNOMRUwEwYDVQQKDAxv -cmdhbml6YXRpb24xHDAaBgNVBAsME29yZ2FuaXphdGlvbmFsIHVuaXQxFDASBgNV -BAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu -Y29tMB4XDTE2MDUxNjAyNDY1NVoXDTI2MDUxNDAyNDY1NVowgZkxCzAJBgNVBAYT -AkNOMQ4wDAYDVQQIDAVTdGF0ZTELMAkGA1UEBwwCQ04xFTATBgNVBAoMDG9yZ2Fu -aXphdGlvbjEcMBoGA1UECwwTb3JnYW5pemF0aW9uYWwgdW5pdDEUMBIGA1UEAwwL -ZXhhbXBsZS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20w -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2ky/K/XneJKbCbpOsWlQ7 -OwgYEQNsa044RkwSbTwPwgLafUZ3r9c5nkXE8APqAikTQQBwyiNjk7QeXgIOjJXd -7+IpwGoU6Bi2miA21qfvJPknyDAqw9tT/ycGQrvkY6rnqd++ri30ZUByUgO0du6+ -aWHo7af5/G1HQz0tu6i1tIF1dhSHNeqJKwxyUG8vIiT/PfbtU/mXSdQ07M+4ojBC -O7FgoOS+rWgbL3yhWUTrCXSV2HZlhksYBhtWGoFVRPVSf89iqL02h9rZEjmfVY6R -QlCnzu9v49Q8WFU528f+gDNXr9v13PKEDmloMzTqWPaCyD2FBbEKBsWHXHf1zqlI -jyGZV7rHZ3i0C1LI6bdDDP7M7aVs8O+RjxK+HmfFRg5us2t6g7zAevwwLpMZRAud -S39F91Up7l9g8WXpViok/8vcsOdePvvWcWro8qJhuEHAnDdMzj2Cko1L85/vRM/a -budWXK7Ix0TlPWPfHJc2SLFeqqcm5Iypf/cGabQ6f0oRt6bCfspFgX9upznT5FwZ -R0o1w6Q3q+4xVl6LgZvEAudWppyz79RACJA/jbXZQ7uJkXAxoI0nev9vgY6XJqUj -XIQDih2hmi/uTnNU7Me7w7pCYKPdHlNU652kaJSH6W6ZFGk2rEOCOeAuWO9pZTq2 -3IhuOcDAKOcmimlkzaWRGQIDAQABo1AwTjAdBgNVHQ4EFgQUPJF++WMsv1OJvf7F -oCew37JTnfQwHwYDVR0jBBgwFoAUPJF++WMsv1OJvf7FoCew37JTnfQwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAb5LvqukMxWd5Zajbh3orfYsXmhWn -UWiwG176+bd3b5xMlG9iLd4vQ11lTZoIhFOfprRQzbizQ8BzR2JBQckpLcy+5hyA -D3M9vLL37OwA0wT6kxFnd6LtlFaH5gG++huw2ts2PDXFz0jqw+0YE/R8ov2+YdaZ -aPSEMunmAuEY1TbYWzz4u6PxycxhQzDQ34ZmJZ34Elvw1NYMfPMGTKp34PsxIcgT -ao5jqb9RMU6JAumfXrOvXRjjl573vX2hgMZzEU6OF2/+uyg95chn6nO1GUQrT2+F -/1xIqfHfFCm8+jujSDgqfBtGI+2C7No+Dq8LEyEINZe6wSQ81+ryt5jy5SZmAsnj -V4OsSIwlpR5fLUwrFStVoUWHEKl1DflkYki/cAC1TL0Om+ldJ219kcOnaXDNaq66 -3I75BvRY7/88MYLl4Fgt7sn05Mn3uNPrCrci8d0R1tlXIcwMdCowIHeZdWHX43f7 -NsVk/7VSOxJ343csgaQc+3WxEFK0tBxGO6GP+Xj0XmdVGLhalVBsEhPjnmx+Yyrn -oMsTA1Yrs88C8ItQn7zuO/30eKNGTnby0gptHiS6sa/c3O083Mpi8y33GPVZDvBl -l9PfSZT8LG7SvpjsdgdNZlyFvTY4vsB+Vd5Howh7gXYPVXdCs4k7HMyo7zvzliZS -ekCw9NGLoNqQqnA= ------END CERTIFICATE----- diff --git a/bitnami/harbor-portal/2/debian-11/config/registryctl/config.yml b/bitnami/harbor-portal/2/debian-11/config/registryctl/config.yml deleted file mode 100644 index 636f674b072a..000000000000 --- a/bitnami/harbor-portal/2/debian-11/config/registryctl/config.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -protocol: "http" -port: 8080 -log_level: "INFO" -registry_config: "/etc/registry/config.yml" - -#https_config: -# cert: "server.crt" -# key: "server.key" diff --git a/bitnami/harbor-portal/2/debian-11/docker-compose.yml b/bitnami/harbor-portal/2/debian-11/docker-compose.yml deleted file mode 100644 index 917a4a76c30b..000000000000 --- a/bitnami/harbor-portal/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,117 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - registry: - image: docker.io/bitnami/harbor-registry:2 - environment: - - REGISTRY_HTTP_SECRET=CHANGEME - volumes: - - registry_data:/storage - - ./config/registry/:/etc/registry/:ro - registryctl: - image: docker.io/bitnami/harbor-registryctl:2 - environment: - - CORE_SECRET=CHANGEME - - JOBSERVICE_SECRET=CHANGEME - - REGISTRY_HTTP_SECRET=CHANGEME - volumes: - - registry_data:/storage - - ./config/registry/:/etc/registry/:ro - - ./config/registryctl/config.yml:/etc/registryctl/config.yml:ro - postgresql: - image: docker.io/bitnami/postgresql:13 - container_name: harbor-db - environment: - - POSTGRESQL_PASSWORD=bitnami - - POSTGRESQL_DATABASE=registry - volumes: - - postgresql_data:/bitnami/postgresql - core: - image: docker.io/bitnami/harbor-core:2 - container_name: harbor-core - depends_on: - - registry - environment: - - CORE_KEY=change-this-key - - _REDIS_URL_CORE=redis://redis:6379/0 - - SYNC_REGISTRY=false - - CHART_CACHE_DRIVER=redis - - _REDIS_URL_REG=redis://redis:6379/1 - - PORT=8080 - - LOG_LEVEL=info - - EXT_ENDPOINT=http://reg.mydomain.com - - DATABASE_TYPE=postgresql - - REGISTRY_CONTROLLER_URL=http://registryctl:8080 - - POSTGRESQL_HOST=postgresql - - POSTGRESQL_PORT=5432 - - POSTGRESQL_DATABASE=registry - - POSTGRESQL_USERNAME=postgres - - POSTGRESQL_PASSWORD=bitnami - - POSTGRESQL_SSLMODE=disable - - REGISTRY_URL=http://registry:5000 - - TOKEN_SERVICE_URL=http://core:8080/service/token - - HARBOR_ADMIN_PASSWORD=bitnami - - CORE_SECRET=CHANGEME - - JOBSERVICE_SECRET=CHANGEME - - ADMIRAL_URL= - - CORE_URL=http://core:8080 - - JOBSERVICE_URL=http://jobservice:8080 - - REGISTRY_STORAGE_PROVIDER_NAME=filesystem - - REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user - - REGISTRY_CREDENTIAL_PASSWORD=harbor_registry_password - - READ_ONLY=false - - RELOAD_KEY= - volumes: - - core_data:/data - - ./config/core/app.conf:/etc/core/app.conf:ro - - ./config/core/private_key.pem:/etc/core/private_key.pem:ro - portal: - image: docker.io/bitnami/harbor-portal:2 - container_name: harbor-portal - depends_on: - - core - jobservice: - image: docker.io/bitnami/harbor-jobservice:2 - container_name: harbor-jobservice - depends_on: - - redis - - core - environment: - - CORE_SECRET=CHANGEME - - JOBSERVICE_SECRET=CHANGEME - - CORE_URL=http://core:8080 - - REGISTRY_CONTROLLER_URL=http://registryctl:8080 - - REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user - - REGISTRY_CREDENTIAL_PASSWORD=harbor_registry_password - volumes: - - jobservice_data:/var/log/jobs - - ./config/jobservice/config.yml:/etc/jobservice/config.yml:ro - redis: - image: docker.io/bitnami/redis:7.0 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - harbor-nginx: - image: docker.io/bitnami/nginx:1.25 - container_name: nginx - volumes: - - ./config/proxy/nginx.conf:/opt/bitnami/nginx/conf/nginx.conf:ro - ports: - - '80:8080' - depends_on: - - postgresql - - registry - - core - - portal -volumes: - registry_data: - driver: local - core_data: - driver: local - jobservice_data: - driver: local - postgresql_data: - driver: local diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b5203d1689c3..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "harbor": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-3" - }, - "nginx": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.4-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - } -} \ No newline at end of file diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-portal/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf deleted file mode 100644 index 2ddab8c9a1e0..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Deny all attempts to access hidden files such as .htaccess or .htpasswd -location ~ /\. { - deny all; -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf deleted file mode 100644 index 9833b1cfd043..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf +++ /dev/null @@ -1,60 +0,0 @@ -# Based on https://www.nginx.com/resources/wiki/start/topics/examples/full/#nginx-conf -user www www; ## Default: nobody - -worker_processes auto; -error_log "/opt/bitnami/nginx/logs/error.log"; -pid "/opt/bitnami/nginx/tmp/nginx.pid"; - -events { - worker_connections 1024; -} - -http { - include mime.types; - default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] ' - '"$request" $status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - access_log "/opt/bitnami/nginx/logs/access.log" main; - add_header X-Frame-Options SAMEORIGIN; - - client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2; - proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2; - fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2; - scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2; - uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2; - - sendfile on; - tcp_nopush on; - tcp_nodelay off; - gzip on; - gzip_http_version 1.0; - gzip_comp_level 2; - gzip_proxied any; - gzip_types text/plain text/css application/javascript text/xml application/xml+rss; - keepalive_timeout 65; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305; - client_max_body_size 80M; - server_tokens off; - - absolute_redirect off; - port_in_redirect off; - - include "/opt/bitnami/nginx/conf/server_blocks/*.conf"; - - # HTTP Server - server { - # Port to listen on, can also be set in IP:PORT format - listen 80; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - } -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal-env.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal-env.sh deleted file mode 100644 index 728af7ad9888..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal-env.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-portal - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-portal}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export HARBOR_PORTAL_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor" -export HARBOR_PORTAL_NGINX_CONF_DIR="${HARBOR_PORTAL_BASE_DIR}/nginx-conf" -export HARBOR_PORTAL_NGINX_CONF_FILE="${HARBOR_PORTAL_NGINX_CONF_DIR}/nginx.conf" - -# System users -export HARBOR_PORTAL_DAEMON_USER="harbor" -export HARBOR_PORTAL_DAEMON_GROUP="harbor" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/entrypoint.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/entrypoint.sh deleted file mode 100755 index d059665d2b7d..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then - info "** Starting harbor-portal setup **" - /opt/bitnami/scripts/nginx/setup.sh - /opt/bitnami/scripts/harbor-portal/setup.sh - info "** harbor-portal setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh deleted file mode 100755 index efb885576340..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/postunpack.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load Nginx environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Load environment -. /opt/bitnami/scripts/harbor-portal-env.sh - -ensure_user_exists "$HARBOR_PORTAL_DAEMON_USER" --group "$HARBOR_PORTAL_DAEMON_GROUP" - -# Ensure NGINX temp folders exists -for dir in "${NGINX_BASE_DIR}/client_body_temp" "${NGINX_BASE_DIR}/proxy_temp" "${NGINX_BASE_DIR}/fastcgi_temp" "${NGINX_BASE_DIR}/scgi_temp" "${NGINX_BASE_DIR}/uwsgi_temp"; do - ensure_dir_exists "$dir" -done - -# Ensure permissions for Internal TLS -configure_permissions_system_certs "$HARBOR_PORTAL_DAEMON_USER" - -# Loading bitnami paths -replace_in_file "$HARBOR_PORTAL_NGINX_CONF_FILE" "/usr/share/nginx/html" "${HARBOR_PORTAL_BASE_DIR}" false -replace_in_file "$HARBOR_PORTAL_NGINX_CONF_FILE" "/etc/nginx/mime.types" "${NGINX_CONF_DIR}/mime.types" false - -cp -a "${HARBOR_PORTAL_NGINX_CONF_DIR}/." "$NGINX_CONF_DIR" -# Remove the folder, otherwise it will get exposed when accessing via browser -rm -rf "${HARBOR_PORTAL_NGINX_CONF_DIR}" - -# Ensure a set of directories exist and the non-root user has write privileges to them -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("$NGINX_CONF_DIR") -for dir in "${directories[@]}"; do - chmod -R g+rwX "$dir" - chown -R "$HARBOR_PORTAL_DAEMON_USER" "$dir" -done diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/setup.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/setup.sh deleted file mode 100755 index f148c23e6b54..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/harbor-portal/setup.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-portal-env.sh - -install_custom_certs diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh deleted file mode 100644 index 40f204ea4f7c..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh +++ /dev/null @@ -1,669 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami NGINX library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if NGINX is running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_running() { - local pid - pid="$(get_pid_from_file "$NGINX_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if NGINX is not running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_not_running() { - ! is_nginx_running -} - -######################## -# Stop NGINX -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# None -######################### -nginx_stop() { - ! is_nginx_running && return - debug "Stopping NGINX" - stop_service_using_pid "$NGINX_PID_FILE" -} - -######################## -# Configure NGINX server block port -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Port number -# $2 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure_port() { - local port=${1:?missing port} - local file=${2:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting port number to ${port} in '${file}'" - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_configuration="$(sed -E "s/(listen\s+)[0-9]{1,5}(.*);/\1${port}\2;/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Configure NGINX directives -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Directive to modify -# $2 - Value -# $3 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure() { - local directive=${1:?missing directive} - local value=${2:?missing value} - local file=${3:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting directive '${directive}' to '${value}' in '${file}'" - nginx_configuration="$(sed -E "s/(\s*${directive}\s+)(.+);/\1${value};/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Validate settings in NGINX_* env vars -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_validate() { - info "Validating settings in NGINX_* env vars" - local error_code=0 - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local validate_port_args=() - local err - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err="$(validate_port "${validate_port_args[@]}" "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - ! is_empty_value "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && check_yes_no_value "NGINX_ENABLE_ABSOLUTE_REDIRECT" - ! is_empty_value "$NGINX_ENABLE_PORT_IN_REDIRECT" && check_yes_no_value "NGINX_ENABLE_PORT_IN_REDIRECT" - - ! is_empty_value "$NGINX_HTTP_PORT_NUMBER" && check_valid_port "NGINX_HTTP_PORT_NUMBER" - ! is_empty_value "$NGINX_HTTPS_PORT_NUMBER" && check_valid_port "NGINX_HTTPS_PORT_NUMBER" - - if ! is_file_writable "$NGINX_CONF_FILE"; then - warn "The NGINX configuration file '${NGINX_CONF_FILE}' is not writable by current user. Configurations based on environment variables will not be applied." - fi - return "$error_code" -} - -######################## -# Initialize NGINX -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_initialize() { - info "Initializing NGINX" - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "${NGINX_TMP_DIR}/nginx.pid" - - # Persisted configuration files from old versions - if [[ -f "$NGINX_VOLUME_DIR/conf/nginx.conf" ]]; then - error "A 'nginx.conf' file was found inside '${NGINX_VOLUME_DIR}/conf'. This configuration is not supported anymore. Please mount the configuration file at '${NGINX_CONF_FILE}' instead." - exit 1 - fi - if ! is_dir_empty "$NGINX_VOLUME_DIR/conf/vhosts"; then - error "Custom server blocks files were found inside '$NGINX_VOLUME_DIR/conf/vhosts'. This configuration is not supported anymore. Please mount your custom server blocks config files at '${NGINX_SERVER_BLOCKS_DIR}' instead." - exit 1 - fi - - debug "Updating NGINX configuration based on environment variables" - local nginx_user_configuration - if am_i_root; then - debug "Ensuring NGINX daemon user/group exists" - ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - if [[ -n "${NGINX_DAEMON_USER:-}" ]]; then - chown -R "${NGINX_DAEMON_USER:-}" "$NGINX_TMP_DIR" - fi - nginx_configure "user" "${NGINX_DAEMON_USER:-} ${NGINX_DAEMON_GROUP:-}" - else - # The "user" directive makes sense only if the master process runs with super-user privileges - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_user_configuration="$(sed -E "s/(^user)/# \1/g" "$NGINX_CONF_FILE")" - is_file_writable "$NGINX_CONF_FILE" && echo "$nginx_user_configuration" >"$NGINX_CONF_FILE" - fi - # Configure HTTP port number - if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then - nginx_configure_port "$NGINX_HTTP_PORT_NUMBER" - fi - # Configure HTTPS port number - if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]]; then - nginx_configure_port "$NGINX_HTTPS_PORT_NUMBER" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" - fi - nginx_configure "absolute_redirect" "$(is_boolean_yes "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && echo "on" || echo "off" )" - nginx_configure "port_in_redirect" "$(is_boolean_yes "$NGINX_ENABLE_PORT_IN_REDIRECT" && echo "on" || echo "off" )" -} - -######################## -# Ensure an NGINX application configuration exists (in server block format) -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name (if not specified, a catch-all server block will be created) -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's server blocks with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server block with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server block with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --additional-configuration - Additional server block configuration (no default) -# --external-configuration - Configuration external to server block (no default) -# --document-root - Path to document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_app_configuration_exists() { - export app="${1:?missing app}" - # Default options - local type="" - local -a hosts=() - local server_name - local -a server_aliases=() - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - # Template variables defaults - export additional_configuration="" - export external_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - export https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts | \ - --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - --disable | \ - --disable-http | \ - --disable-https) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name?}=yes" - ;; - --type | \ - --server-name | \ - --allow-remote-connections | \ - --http-port | \ - --https-port | \ - --additional-configuration | \ - --external-configuration | \ - --document-root | \ - --extra-directory-configuration) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen=$'\n'"listen ${host}:${http_port};" - https_listen=$'\n'"listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}${https_listen}" - done - else - http_listen_configuration=$'\n'"listen ${http_port} default_server;" - https_listen_configuration=$'\n'"listen ${https_port} ssl default_server;" - fi - # Construct server_name block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="server_name ${server_name}" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=" ${server_aliases[*]}" - fi - server_name_configuration+=";" - else - server_name_configuration=" -# Catch-all server block -# See: https://nginx.org/en/docs/http/server_names.html#miscellaneous_names -server_name _;" - fi - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Indent configurations - server_name_configuration="$(indent $'\n'"$server_name_configuration" 4)" - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - external_configuration=$'\n'"$external_configuration" - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" && "$type" != "php" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_http") && http_server_block+="$disable_suffix" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_https") && https_server_block+="$disable_suffix" - if is_file_writable "$http_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$http_server_block" ]] && touch "$http_server_block" && chmod g+rw "$http_server_block" - render-template "${template_dir}/${template_name}-http-server-block.conf.tpl" | sed '/^\s*$/d' >"$http_server_block" - elif [[ ! -f "$http_server_block" ]]; then - error "Could not create server block for ${app} at '${http_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_server_block" ]] && touch "$https_server_block" && chmod g+rw "$https_server_block" - render-template "${template_dir}/${template_name}-https-server-block.conf.tpl" | sed '/^\s*$/d' >"$https_server_block" - elif [[ ! -f "$https_server_block" ]]; then - error "Could not create server block for ${app} at '${https_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an NGINX application configuration does not exist anymore (in server block format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_nginx_app_configuration_not_exists() { - local app="${1:?missing app}" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_server_block" "$https_server_block" "${http_server_block}${disable_suffix}" "${https_server_block}${disable_suffix}" -} - -######################## -# Ensure NGINX loads the configuration for an application in a URL prefix -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional server block configuration (no default) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_prefix_configuration_exists() { - local app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type | \ - --allow-remote-connections | \ - --additional-configuration | \ - --document-root | \ - --extra-directory-configuration | \ - --prefix) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Prefix configuration - export location="$prefix" - # Indent configurations - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local prefix_file="${NGINX_CONF_DIR}/bitnami/${app}.conf" - if is_file_writable "$prefix_file"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$prefix_file" ]] && touch "$prefix_file" && chmod g+rw "$prefix_file" - render-template "${template_dir}/${template_name}-prefix.conf.tpl" | sed '/^\s*$/d' >"$prefix_file" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure NGINX application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Hosts to enable -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -nginx_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - local http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - local https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name?}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen="listen ${host}:${http_port};" - https_listen="listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}"$'\\\n'"${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}"$'\\\n'"${https_listen}" - done - else - http_listen_configuration="listen ${http_port} default_server;" - https_listen_configuration="listen ${https_port} ssl default_server;" - fi - # Indent configurations - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Update configuration - local -r http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local -r https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - # Helper function to avoid duplicating code - update_common_server_block_config() { - local -r server_block_file="${1:?missing server block}" - # Update server_name - if ! is_empty_value "${server_name:-}"; then - local server_name_list="$server_name" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_list+=" ${server_aliases[*]}" - fi - replace_in_file "$server_block_file" "^(\s*server_name\s+)[^;]*" "\1${server_name_list}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename server block file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_server_block" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$disable_https" && [[ -e "$https_server_block" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - is_boolean_yes "$enable_http" && [[ -e "${http_server_block}${disable_suffix}" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$enable_https" && [[ -e "${https_server_block}${disable_suffix}" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_server_block" ]]; then - if is_file_writable "$http_server_block"; then - update_common_server_block_config "$http_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$http_server_block" "^\s*listen\s.*;" "$http_listen_configuration" - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_server_block" ]]; then - if is_file_writable "$https_server_block"; then - update_common_server_block_config "$https_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$https_server_block" "^\s*listen\s.*\sssl;" "$https_listen_configuration" - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_custom_init_scripts() { - if [[ -n $(find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $NGINX_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - nginx_stop - rm -f "$tmp_file" - else - info "No custom scripts in $NGINX_INITSCRIPTS_DIR" - fi -} - -######################## -# Generate sample TLS certificates without passphrase for sample HTTPS server_block -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_generate_sample_certs() { - local certs_dir="${NGINX_CONF_DIR}/bitnami/certs" - - if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/server.crt" ]]; then - # Check certificates directory exists and is writable - if [[ -d "$certs_dir" && -w "$certs_dir" ]]; then - SSL_KEY_FILE="${certs_dir}/server.key" - SSL_CERT_FILE="${certs_dir}/server.crt" - SSL_CSR_FILE="${certs_dir}/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" - else - warn "The certificates directories '${certs_dir}' does not exist or is not writable, skipping sample HTTPS certificates generation" - fi - fi -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh deleted file mode 100644 index 1d584e7b82c1..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for nginx - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-nginx}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -nginx_env_vars=( - NGINX_HTTP_PORT_NUMBER - NGINX_HTTPS_PORT_NUMBER - NGINX_SKIP_SAMPLE_CERTS - NGINX_ENABLE_ABSOLUTE_REDIRECT - NGINX_ENABLE_PORT_IN_REDIRECT -) -for env_var in "${nginx_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset nginx_env_vars -export WEB_SERVER_TYPE="nginx" - -# Paths -export NGINX_BASE_DIR="${BITNAMI_ROOT_DIR}/nginx" -export NGINX_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/nginx" -export NGINX_SBIN_DIR="${NGINX_BASE_DIR}/sbin" -export NGINX_CONF_DIR="${NGINX_BASE_DIR}/conf" -export NGINX_HTDOCS_DIR="${NGINX_BASE_DIR}/html" -export NGINX_TMP_DIR="${NGINX_BASE_DIR}/tmp" -export NGINX_LOGS_DIR="${NGINX_BASE_DIR}/logs" -export NGINX_SERVER_BLOCKS_DIR="${NGINX_CONF_DIR}/server_blocks" -export NGINX_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export NGINX_CONF_FILE="${NGINX_CONF_DIR}/nginx.conf" -export NGINX_PID_FILE="${NGINX_TMP_DIR}/nginx.pid" -export PATH="${NGINX_SBIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export NGINX_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$NGINX_DAEMON_USER" -export NGINX_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$NGINX_DAEMON_GROUP" -export NGINX_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$NGINX_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export NGINX_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$NGINX_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time - -# NGINX configuration -export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER" -export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER" -export NGINX_SKIP_SAMPLE_CERTS="${NGINX_SKIP_SAMPLE_CERTS:-false}" -export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}" -export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl deleted file mode 100644 index 4ebeed573889..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{http_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl deleted file mode 100644 index 02acfbb055c6..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{https_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl deleted file mode 100644 index 28bb0393aaa3..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; - include "/opt/bitnami/nginx/conf/bitnami/php-fpm.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index b7d04e1e80f7..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf deleted file mode 100644 index 27284a637c31..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf +++ /dev/null @@ -1,17 +0,0 @@ -# HTTPS Server -server { - # Port to listen on, can also be set in IP:PORT format - listen 443 ssl; - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } -} diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh deleted file mode 100755 index cce4b3e874a3..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then - info "** Starting NGINX setup **" - /opt/bitnami/scripts/nginx/setup.sh - info "** NGINX setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh deleted file mode 100755 index 2ebe0fb36870..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libfs.sh - -# Auxiliar Functions - -######################## -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -# Ref: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-httpoxy-vulnerability -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_patch_httpoxy_vulnerability() { - debug "Unsetting HTTP_PROXY header..." - echo '# Unset the HTTP_PROXY header' >>"${NGINX_CONF_DIR}/fastcgi_params" - echo 'fastcgi_param HTTP_PROXY "";' >>"${NGINX_CONF_DIR}/fastcgi_params" -} - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Remove unnecessary directories that come with the tarball -rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks" - -# Ensure non-root user has write permissions on a set of directories -for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "${NGINX_CONF_DIR}/bitnami/certs" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -nginx_patch_httpoxy_vulnerability - -# Configure default HTTP port -nginx_configure_port "$NGINX_DEFAULT_HTTP_PORT_NUMBER" -# Configure default HTTPS port -nginx_configure_port "$NGINX_DEFAULT_HTTPS_PORT_NUMBER" "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" - -# shellcheck disable=SC1091 - -# Load additional libraries -. /opt/bitnami/scripts/libfs.sh - -# Users can mount their html sites at /app -mv "${NGINX_BASE_DIR}/html" /app -ln -sf /app "${NGINX_BASE_DIR}/html" - -# Users can mount their certificates at /certs -mv "${NGINX_CONF_DIR}/bitnami/certs" /certs -ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs" - -ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log" -ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh deleted file mode 100755 index 1b18ed6d9637..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment -. /opt/bitnami/scripts/nginx-env.sh - -info "** Reloading NGINX configuration **" -exec "${NGINX_SBIN_DIR}/nginx" -s reload diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh deleted file mode 100755 index deaa515bac32..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -/opt/bitnami/scripts/nginx/stop.sh -/opt/bitnami/scripts/nginx/start.sh diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh deleted file mode 100755 index a2f3b57114d0..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -info "** Starting NGINX **" -exec "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" -g "daemon off;" diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh deleted file mode 100755 index 084490b6ac83..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Ensure NGINX environment variables settings are valid -nginx_validate - -# Ensure NGINX is stopped when this script ends -trap "nginx_stop" EXIT - -# Ensure NGINX daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - -# Configure HTTPS sample block using generated SSL certs -nginx_generate_sample_certs - -# Run init scripts -nginx_custom_init_scripts - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" - -# Configure HTTPS port number -if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then - cp "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" -fi - -# Initialize NGINX -nginx_initialize - diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh deleted file mode 100755 index 1dc8e8e746dd..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_not_running; then - "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" - if ! retry_while "is_nginx_running"; then - error "nginx did not start" - error_code=1 - else - info "nginx started" - fi -else - info "nginx is already running" -fi - -exit "$error_code" diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh deleted file mode 100755 index 16b35ef1b0e8..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -if is_nginx_running; then - info "nginx is already running" -else - info "nginx is not running" -fi diff --git a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh b/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh deleted file mode 100755 index bc6f4f3fd8aa..000000000000 --- a/bitnami/harbor-portal/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_running; then - BITNAMI_QUIET=1 nginx_stop - if ! retry_while "is_nginx_not_running"; then - error "nginx could not be stopped" - error_code=1 - else - info "nginx stopped" - fi -else - info "nginx is not running" -fi - -exit "$error_code" diff --git a/bitnami/harbor-portal/2/debian-11/tags-info.yaml b/bitnami/harbor-portal/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-portal/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-registry/2/debian-11/Dockerfile b/bitnami/harbor-registry/2/debian-11/Dockerfile deleted file mode 100644 index f3802f7437bb..000000000000 --- a/bitnami/harbor-registry/2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:18:19Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r26" \ - org.opencontainers.image.title="harbor-registry" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "harbor-registry-2.10.0-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-registry/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-registry" \ - PATH="/opt/bitnami/harbor-registry/bin:$PATH" - -VOLUME [ "/etc/registry", "/storage", "/var/lib/registry" ] - -EXPOSE 5000 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-registry/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-registry/run.sh" ] diff --git a/bitnami/harbor-registry/2/debian-11/config/registry/config.yml b/bitnami/harbor-registry/2/debian-11/config/registry/config.yml deleted file mode 100644 index e4e99a79e55c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/config/registry/config.yml +++ /dev/null @@ -1,36 +0,0 @@ -version: 0.1 -log: - level: info - fields: - service: registry -storage: - cache: - layerinfo: redis - filesystem: - rootdirectory: /storage - maintenance: - uploadpurging: - enabled: false - delete: - enabled: true -redis: - addr: redis:6379 - password: - db: 1 -http: - addr: :5000 - secret: placeholder - debug: - addr: localhost:5001 -auth: - htpasswd: - realm: harbor-registry-basic-realm - path: /etc/registry/passwd -notifications: - endpoints: - - name: harbor - disabled: false - url: http://core:8080/service/notifications - timeout: 3000ms - threshold: 5 - backoff: 1s diff --git a/bitnami/harbor-registry/2/debian-11/config/registry/passwd b/bitnami/harbor-registry/2/debian-11/config/registry/passwd deleted file mode 100644 index bec5ef97dc00..000000000000 --- a/bitnami/harbor-registry/2/debian-11/config/registry/passwd +++ /dev/null @@ -1 +0,0 @@ -harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m \ No newline at end of file diff --git a/bitnami/harbor-registry/2/debian-11/config/registry/root.crt b/bitnami/harbor-registry/2/debian-11/config/registry/root.crt deleted file mode 100644 index c31b27de66d6..000000000000 --- a/bitnami/harbor-registry/2/debian-11/config/registry/root.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGBzCCA++gAwIBAgIJAKB8CNqCxhr7MA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD -VQQGEwJDTjEOMAwGA1UECAwFU3RhdGUxCzAJBgNVBAcMAkNOMRUwEwYDVQQKDAxv -cmdhbml6YXRpb24xHDAaBgNVBAsME29yZ2FuaXphdGlvbmFsIHVuaXQxFDASBgNV -BAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu -Y29tMB4XDTE2MDUxNjAyNDY1NVoXDTI2MDUxNDAyNDY1NVowgZkxCzAJBgNVBAYT -AkNOMQ4wDAYDVQQIDAVTdGF0ZTELMAkGA1UEBwwCQ04xFTATBgNVBAoMDG9yZ2Fu -aXphdGlvbjEcMBoGA1UECwwTb3JnYW5pemF0aW9uYWwgdW5pdDEUMBIGA1UEAwwL -ZXhhbXBsZS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20w -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2ky/K/XneJKbCbpOsWlQ7 -OwgYEQNsa044RkwSbTwPwgLafUZ3r9c5nkXE8APqAikTQQBwyiNjk7QeXgIOjJXd -7+IpwGoU6Bi2miA21qfvJPknyDAqw9tT/ycGQrvkY6rnqd++ri30ZUByUgO0du6+ -aWHo7af5/G1HQz0tu6i1tIF1dhSHNeqJKwxyUG8vIiT/PfbtU/mXSdQ07M+4ojBC -O7FgoOS+rWgbL3yhWUTrCXSV2HZlhksYBhtWGoFVRPVSf89iqL02h9rZEjmfVY6R -QlCnzu9v49Q8WFU528f+gDNXr9v13PKEDmloMzTqWPaCyD2FBbEKBsWHXHf1zqlI -jyGZV7rHZ3i0C1LI6bdDDP7M7aVs8O+RjxK+HmfFRg5us2t6g7zAevwwLpMZRAud -S39F91Up7l9g8WXpViok/8vcsOdePvvWcWro8qJhuEHAnDdMzj2Cko1L85/vRM/a -budWXK7Ix0TlPWPfHJc2SLFeqqcm5Iypf/cGabQ6f0oRt6bCfspFgX9upznT5FwZ -R0o1w6Q3q+4xVl6LgZvEAudWppyz79RACJA/jbXZQ7uJkXAxoI0nev9vgY6XJqUj -XIQDih2hmi/uTnNU7Me7w7pCYKPdHlNU652kaJSH6W6ZFGk2rEOCOeAuWO9pZTq2 -3IhuOcDAKOcmimlkzaWRGQIDAQABo1AwTjAdBgNVHQ4EFgQUPJF++WMsv1OJvf7F -oCew37JTnfQwHwYDVR0jBBgwFoAUPJF++WMsv1OJvf7FoCew37JTnfQwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAb5LvqukMxWd5Zajbh3orfYsXmhWn -UWiwG176+bd3b5xMlG9iLd4vQ11lTZoIhFOfprRQzbizQ8BzR2JBQckpLcy+5hyA -D3M9vLL37OwA0wT6kxFnd6LtlFaH5gG++huw2ts2PDXFz0jqw+0YE/R8ov2+YdaZ -aPSEMunmAuEY1TbYWzz4u6PxycxhQzDQ34ZmJZ34Elvw1NYMfPMGTKp34PsxIcgT -ao5jqb9RMU6JAumfXrOvXRjjl573vX2hgMZzEU6OF2/+uyg95chn6nO1GUQrT2+F -/1xIqfHfFCm8+jujSDgqfBtGI+2C7No+Dq8LEyEINZe6wSQ81+ryt5jy5SZmAsnj -V4OsSIwlpR5fLUwrFStVoUWHEKl1DflkYki/cAC1TL0Om+ldJ219kcOnaXDNaq66 -3I75BvRY7/88MYLl4Fgt7sn05Mn3uNPrCrci8d0R1tlXIcwMdCowIHeZdWHX43f7 -NsVk/7VSOxJ343csgaQc+3WxEFK0tBxGO6GP+Xj0XmdVGLhalVBsEhPjnmx+Yyrn -oMsTA1Yrs88C8ItQn7zuO/30eKNGTnby0gptHiS6sa/c3O083Mpi8y33GPVZDvBl -l9PfSZT8LG7SvpjsdgdNZlyFvTY4vsB+Vd5Howh7gXYPVXdCs4k7HMyo7zvzliZS -ekCw9NGLoNqQqnA= ------END CERTIFICATE----- diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 50d2d67849a1..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "harbor-registry": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-6" - } -} \ No newline at end of file diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-registry/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry-env.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry-env.sh deleted file mode 100644 index 06d389e299b2..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry-env.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-registry - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-registry}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export HARBOR_REGISTRY_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor-registry" -export HARBOR_REGISTRY_STORAGE_DIR="/storage" - -# System users -export HARBOR_REGISTRY_DAEMON_USER="harbor" -export HARBOR_REGISTRY_DAEMON_GROUP="harbor" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/entrypoint.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/entrypoint.sh deleted file mode 100755 index 981966d46c33..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/entrypoint.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/harbor-registry/run.sh" ]]; then - info "** Starting harbor-registry setup **" - /opt/bitnami/scripts/harbor-registry/setup.sh - info "** harbor-registry setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/postunpack.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/postunpack.sh deleted file mode 100755 index 4d1677d14a4c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/postunpack.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-registry-env.sh - -ensure_user_exists "$HARBOR_REGISTRY_DAEMON_USER" --group "$HARBOR_REGISTRY_DAEMON_GROUP" - -# Ensure a set of directories exist and the non-root user has write privileges to them -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("/var/lib/registry" "$HARBOR_REGISTRY_STORAGE_DIR") -for dir in "${directories[@]}"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$HARBOR_REGISTRY_DAEMON_USER" "$dir" -done - -ensure_dir_exists "/etc/registry" - -# Ensure permissions for Internal TLS -configure_permissions_system_certs "$HARBOR_REGISTRY_DAEMON_USER" diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/run.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/run.sh deleted file mode 100755 index c58d3811371c..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/run.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load harbor-registry environment -. /opt/bitnami/scripts/harbor-registry-env.sh - -CMD="$(command -v registry)" -FLAGS=("serve" "/etc/registry/config.yml" "$@") - -info "** Starting harbor-registry **" -if am_i_root; then - exec_as_user "$HARBOR_REGISTRY_DAEMON_USER" "$CMD" "${FLAGS[@]}" -else - exec "$CMD" "${FLAGS[@]}" -fi diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/setup.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/setup.sh deleted file mode 100755 index 617d3d4d3796..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registry/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-registry-env.sh - -# Auxiliar Functions - -######################## -# Validate Registry settings -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_validate() { - info "Validating harbor-registry settings..." - - if [[ ! -f "/etc/registry/config.yml" ]]; then - error "No configuration file was detected. Please mount your configuration file at \"/etc/registry/config.yml\"" - exit 1 - fi -} - -# Ensure harbor-registry settings are valid -harbor_registry_validate -install_custom_certs diff --git a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-registry/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-registry/2/debian-11/tags-info.yaml b/bitnami/harbor-registry/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-registry/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/harbor-registryctl/2/debian-11/Dockerfile b/bitnami/harbor-registryctl/2/debian-11/Dockerfile deleted file mode 100644 index fe35db1cb662..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:23:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.0-debian-11-r24" \ - org.opencontainers.image.title="harbor-registryctl" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "harbor-registry-2.10.0-6-linux-${OS_ARCH}-debian-11" \ - "harbor-registryctl-2.10.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/harbor-registryctl/postunpack.sh -ENV APP_VERSION="2.10.0" \ - BITNAMI_APP_NAME="harbor-registryctl" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/harbor-registry/bin:/opt/bitnami/harbor-registryctl/bin:$PATH" - -VOLUME [ "/etc/registry", "/etc/registryctl", "/storage", "/var/lib/registry" ] - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/harbor-registryctl/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/harbor-registryctl/run.sh" ] diff --git a/bitnami/harbor-registryctl/2/debian-11/config/registry/config.yml b/bitnami/harbor-registryctl/2/debian-11/config/registry/config.yml deleted file mode 100644 index e4e99a79e55c..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/config/registry/config.yml +++ /dev/null @@ -1,36 +0,0 @@ -version: 0.1 -log: - level: info - fields: - service: registry -storage: - cache: - layerinfo: redis - filesystem: - rootdirectory: /storage - maintenance: - uploadpurging: - enabled: false - delete: - enabled: true -redis: - addr: redis:6379 - password: - db: 1 -http: - addr: :5000 - secret: placeholder - debug: - addr: localhost:5001 -auth: - htpasswd: - realm: harbor-registry-basic-realm - path: /etc/registry/passwd -notifications: - endpoints: - - name: harbor - disabled: false - url: http://core:8080/service/notifications - timeout: 3000ms - threshold: 5 - backoff: 1s diff --git a/bitnami/harbor-registryctl/2/debian-11/config/registry/passwd b/bitnami/harbor-registryctl/2/debian-11/config/registry/passwd deleted file mode 100644 index bec5ef97dc00..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/config/registry/passwd +++ /dev/null @@ -1 +0,0 @@ -harbor_registry_user:$2y$10$9L4Tc0DJbFFMB6RdSCunrOpTHdwhid4ktBJmLD00bYgqkkGOvll3m \ No newline at end of file diff --git a/bitnami/harbor-registryctl/2/debian-11/config/registry/root.crt b/bitnami/harbor-registryctl/2/debian-11/config/registry/root.crt deleted file mode 100644 index c31b27de66d6..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/config/registry/root.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGBzCCA++gAwIBAgIJAKB8CNqCxhr7MA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD -VQQGEwJDTjEOMAwGA1UECAwFU3RhdGUxCzAJBgNVBAcMAkNOMRUwEwYDVQQKDAxv -cmdhbml6YXRpb24xHDAaBgNVBAsME29yZ2FuaXphdGlvbmFsIHVuaXQxFDASBgNV -BAMMC2V4YW1wbGUuY29tMSIwIAYJKoZIhvcNAQkBFhNleGFtcGxlQGV4YW1wbGUu -Y29tMB4XDTE2MDUxNjAyNDY1NVoXDTI2MDUxNDAyNDY1NVowgZkxCzAJBgNVBAYT -AkNOMQ4wDAYDVQQIDAVTdGF0ZTELMAkGA1UEBwwCQ04xFTATBgNVBAoMDG9yZ2Fu -aXphdGlvbjEcMBoGA1UECwwTb3JnYW5pemF0aW9uYWwgdW5pdDEUMBIGA1UEAwwL -ZXhhbXBsZS5jb20xIjAgBgkqhkiG9w0BCQEWE2V4YW1wbGVAZXhhbXBsZS5jb20w -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2ky/K/XneJKbCbpOsWlQ7 -OwgYEQNsa044RkwSbTwPwgLafUZ3r9c5nkXE8APqAikTQQBwyiNjk7QeXgIOjJXd -7+IpwGoU6Bi2miA21qfvJPknyDAqw9tT/ycGQrvkY6rnqd++ri30ZUByUgO0du6+ -aWHo7af5/G1HQz0tu6i1tIF1dhSHNeqJKwxyUG8vIiT/PfbtU/mXSdQ07M+4ojBC -O7FgoOS+rWgbL3yhWUTrCXSV2HZlhksYBhtWGoFVRPVSf89iqL02h9rZEjmfVY6R -QlCnzu9v49Q8WFU528f+gDNXr9v13PKEDmloMzTqWPaCyD2FBbEKBsWHXHf1zqlI -jyGZV7rHZ3i0C1LI6bdDDP7M7aVs8O+RjxK+HmfFRg5us2t6g7zAevwwLpMZRAud -S39F91Up7l9g8WXpViok/8vcsOdePvvWcWro8qJhuEHAnDdMzj2Cko1L85/vRM/a -budWXK7Ix0TlPWPfHJc2SLFeqqcm5Iypf/cGabQ6f0oRt6bCfspFgX9upznT5FwZ -R0o1w6Q3q+4xVl6LgZvEAudWppyz79RACJA/jbXZQ7uJkXAxoI0nev9vgY6XJqUj -XIQDih2hmi/uTnNU7Me7w7pCYKPdHlNU652kaJSH6W6ZFGk2rEOCOeAuWO9pZTq2 -3IhuOcDAKOcmimlkzaWRGQIDAQABo1AwTjAdBgNVHQ4EFgQUPJF++WMsv1OJvf7F -oCew37JTnfQwHwYDVR0jBBgwFoAUPJF++WMsv1OJvf7FoCew37JTnfQwDAYDVR0T -BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAb5LvqukMxWd5Zajbh3orfYsXmhWn -UWiwG176+bd3b5xMlG9iLd4vQ11lTZoIhFOfprRQzbizQ8BzR2JBQckpLcy+5hyA -D3M9vLL37OwA0wT6kxFnd6LtlFaH5gG++huw2ts2PDXFz0jqw+0YE/R8ov2+YdaZ -aPSEMunmAuEY1TbYWzz4u6PxycxhQzDQ34ZmJZ34Elvw1NYMfPMGTKp34PsxIcgT -ao5jqb9RMU6JAumfXrOvXRjjl573vX2hgMZzEU6OF2/+uyg95chn6nO1GUQrT2+F -/1xIqfHfFCm8+jujSDgqfBtGI+2C7No+Dq8LEyEINZe6wSQ81+ryt5jy5SZmAsnj -V4OsSIwlpR5fLUwrFStVoUWHEKl1DflkYki/cAC1TL0Om+ldJ219kcOnaXDNaq66 -3I75BvRY7/88MYLl4Fgt7sn05Mn3uNPrCrci8d0R1tlXIcwMdCowIHeZdWHX43f7 -NsVk/7VSOxJ343csgaQc+3WxEFK0tBxGO6GP+Xj0XmdVGLhalVBsEhPjnmx+Yyrn -oMsTA1Yrs88C8ItQn7zuO/30eKNGTnby0gptHiS6sa/c3O083Mpi8y33GPVZDvBl -l9PfSZT8LG7SvpjsdgdNZlyFvTY4vsB+Vd5Howh7gXYPVXdCs4k7HMyo7zvzliZS -ekCw9NGLoNqQqnA= ------END CERTIFICATE----- diff --git a/bitnami/harbor-registryctl/2/debian-11/config/registryctl/config.yml b/bitnami/harbor-registryctl/2/debian-11/config/registryctl/config.yml deleted file mode 100644 index 636f674b072a..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/config/registryctl/config.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -protocol: "http" -port: 8080 -log_level: "INFO" -registry_config: "/etc/registry/config.yml" - -#https_config: -# cert: "server.crt" -# key: "server.key" diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 5f1869c8f3a6..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "harbor-registry": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-6" - }, - "harbor-registryctl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.0-5" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl-env.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl-env.sh deleted file mode 100644 index 1078a699d0dd..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl-env.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for harbor-registryctl - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-harbor-registryctl}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export HARBOR_REGISTRYCTL_BASE_DIR="${BITNAMI_ROOT_DIR}/harbor-registryctl" -export HARBOR_REGISTRYCTL_STORAGE_DIR="/storage" -export PATH="${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users -export HARBOR_REGISTRYCTL_DAEMON_USER="harbor" -export HARBOR_REGISTRYCTL_DAEMON_GROUP="harbor" - -# Custom environment variables may be defined below diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/entrypoint.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/entrypoint.sh deleted file mode 100755 index 4c90036c662a..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/entrypoint.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/harbor-registryctl/run.sh" ]]; then - info "** Starting harbor-registryctl setup **" - /opt/bitnami/scripts/harbor-registryctl/setup.sh - info "** harbor-registryctl setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/postunpack.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/postunpack.sh deleted file mode 100755 index 2671f9ebd79b..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/postunpack.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-registryctl-env.sh - -ensure_user_exists "$HARBOR_REGISTRYCTL_DAEMON_USER" --group "$HARBOR_REGISTRYCTL_DAEMON_GROUP" - -# Ensure the non-root user has writing permission at a set of directories -read -r -a directories <<<"$(get_system_cert_paths)" -directories+=("/var/lib/registry" "$HARBOR_REGISTRYCTL_STORAGE_DIR") -for dir in "${directories[@]}"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$HARBOR_REGISTRYCTL_DAEMON_USER" "$dir" -done - -ensure_dir_exists "/etc/registry" -ensure_dir_exists "/etc/registryctl" - -# Ensure permissions for Internal TLS -configure_permissions_system_certs "$HARBOR_REGISTRYCTL_DAEMON_USER" diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/run.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/run.sh deleted file mode 100755 index 1d77968eebab..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/run.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load harbor-registryctl environment -. /opt/bitnami/scripts/harbor-registryctl-env.sh - -CMD="$(command -v harbor_registryctl)" -FLAGS=("-c" "/etc/registryctl/config.yml" "$@") - -info "** Starting harbor-registryctl **" -if am_i_root; then - exec_as_user "$HARBOR_REGISTRYCTL_DAEMON_USER" "$CMD" "${FLAGS[@]}" -else - exec "$CMD" "${FLAGS[@]}" -fi diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/setup.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/setup.sh deleted file mode 100755 index a703914becea..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/harbor-registryctl/setup.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libharbor.sh - -# Load environment -. /opt/bitnami/scripts/harbor-registryctl-env.sh - -# Auxiliar Functions - -######################## -# Retrieve a configuration setting value -# Arguments: -# $1 - key -# Returns: -# None -######################### -harbor_registryctl_conf_get() { - local key="${1:?missing key}" - local value - if [[ -f "/etc/registryctl/config.yml" ]]; then - value="$(yq eval ".${key}" "/etc/registryctl/config.yml")" - if [[ "$value" != "null" ]]; then - echo "$value" - fi - fi -} - -######################## -# Ensures a configuration setting is not empty -# Arguments: -# $1 - config_option -# Returns: -# None -######################### -not_empty_config_option() { - local config_option="${1:?missing config_option}" - if [[ -z "$(harbor_registryctl_conf_get "$config_option")" ]]; then - error "The configuration option \"$config_option\" must be set!" - exit 1 - fi -} - -######################## -# Validate Registryctl settings -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_validate() { - info "Validating harbor-registryctl settings..." - - if [[ ! -f "/etc/registryctl/config.yml" ]]; then - error "No configuration file was detected. Please mount your configuration file at \"/etc/registryctl/config.yml\"" - exit 1 - fi - - not_empty_config_option "protocol" - not_empty_config_option "port" - - if [[ "$(harbor_registryctl_conf_get "protocol")" != "http" ]] && - [[ "$(harbor_registryctl_conf_get "protocol")" != "https" ]]; then - error "Protocol must be \"http\" or \"https\"!" - exit 1 - fi - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$(harbor_registryctl_conf_get "port")"); then - error "An invalid port was specified: $err" - exit 1 - fi -} - -# Ensure harbor-registryctl settings are valid -harbor_registryctl_validate -install_custom_certs diff --git a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh b/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh deleted file mode 100644 index d6134ff84dd5..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/rootfs/opt/bitnami/scripts/libharbor.sh +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Harbor library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Get the paths relevant to CA certs depending -# on the OS -# Globals: -# None -# Arguments: -# None -# Returns: -# A series of paths relevant to CA certs -# depending on the OS. -######################### -get_system_cert_paths() { - local distro - distro="$(get_os_metadata --id)" - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - echo "/etc/ssl/certs/" - elif [[ "$distro" =~ ^photon$ ]]; then - echo "/etc/pki/tls/certs/" - else - # Check the existence of generic paths when OS_FLAVOR does - # not match - if [[ -d /etc/ssl/certs/ ]] ; then - echo "/etc/ssl/certs/" - elif [[ -d /etc/pki/tls/certs/ ]]; then - echo "/etc/pki/tls/certs/" - else - error "Could not determine relevant CA paths for this OS Flavour" - fi - fi -} - -######################## -# Ensure CA bundles allows users in root group install new certificate -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -configure_permissions_system_certs() { - local -r owner="${1:-}" - # Debian - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.crt" "$owner" - # Photon - set_permissions_ownership "/etc/pki/tls/certs/ca-bundle.trust.crt" "$owner" - set_permissions_ownership "/etc/ssl/certs/ca-certificates.crt" "$owner" -} - -######################## -# Grant group write permissions to the file provided and change ownership if a the owner argument is set. -# If the path is not a file, then do nothing. -# Globals: -# None -# Arguments: -# $1 - path -# $2 - owner -# Returns: -# None -######################### -set_permissions_ownership() { - local -r path="${1:?path is missing}" - local -r owner="${2:-}" - - if [[ -f "$path" ]]; then - chmod g+w "$path" - if [[ -n "$owner" ]]; then - chown "$owner" "$path" - fi - fi -} - -######################## -# Place a given certificate in the correct location for installation -# depending on the OS -# Globals: -# None -# Arguments: -# $1 - certificate to be installed -# Returns: -# None -######################### -install_cert() { - local -r cert="${1:?missing certificate}" - local distro - distro="$(get_os_metadata --id)" - - if [[ "$distro" =~ ^(debian|ubuntu)$ ]]; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ "$distro" =~ ^photon$ ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - # Check the existence of generic ca-bundles when OS_FLAVOR does - # not match - if [[ -f /etc/ssl/certs/ca-certificates.crt ]] ; then - cat "$cert" >> /etc/ssl/certs/ca-certificates.crt - elif [[ -f /etc/pki/tls/certs/ca-bundle.crt ]]; then - cat "$cert" >> /etc/pki/tls/certs/ca-bundle.crt - else - error "Could not install CA certificate ${cert} CA in this OS Flavour" - fi - fi -} - -######################## -# Install CA certificates found under the specific paths -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_custom_certs() { - local installed=false - - # Install any internalTLS CA authority certificate, found under - # /etc/harbor/ssl/{component}/ca.crt - if [[ -d /etc/harbor/ssl ]]; then - info "Appending internalTLS trust CA cert..." - while IFS= read -r -d '' caCert; do - install_cert "$caCert" - installed=true - debug "Internal tls trust CA $caCert copied" - done < <(find /etc/harbor/ssl -maxdepth 2 -name ca.crt -print0) - info "interalTLS CA certs appending done!" - fi - - # Install any other custom certificate provided by the end user under the path - # /harbor_cust_cert - if [[ -d /harbor_cust_cert ]]; then - info "Appending custom trust CA certs ..." - for certFile in /harbor_cust_cert/*; do - case ${certFile} in - *.crt | *.ca | *.ca-bundle | *.pem) - if [[ -d "$certFile" ]]; then - debug "$certFile is a directory, skipping it" - else - install_cert "$certFile" - installed=true - debug "Custom CA cert $certFile copied" - fi - ;; - *) debug "$certFile is not a CA cert file, skipping it" ;; - esac - done - fi - - if [[ "$installed" = true ]]; then - info "Custom certificates were installed in the system!" - else - info "No custom certificates were installed in the system" - fi -} - -######################## -# Generate an .env file contents given an input string containing all envvars -# Arguments: -# None -# Returns: -# String -######################### -harbor_generate_env_file_contents() { - local -r envvars_string="${1:-}" - [[ -z "$envvars_string" ]] && return - # For systemd, we will load it via EnvironmentFile=, so the shebang is not needed - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo "#!/bin/bash" - while IFS= read -r ENV_VAR_LINE; do - if [[ ! "$ENV_VAR_LINE" =~ ^[A-Z_] ]]; then - continue - fi - ENV_VAR_NAME="${ENV_VAR_LINE/=*}" - ENV_VAR_VALUE="${ENV_VAR_LINE#*=}" - # For systemd, we will load it via EnvironmentFile=, which does not allow 'export' - [[ "$BITNAMI_SERVICE_MANAGER" != "systemd" ]] && echo -n 'export ' - # Use single quotes to avoid shell expansion, and escape to be parsed properly (even if it contains quotes) - # Escape the value, so it can be parsed as a variable even with quotes set - echo "${ENV_VAR_NAME}='${ENV_VAR_VALUE//\'/\'\\\'\'}'" - done <<< "$envvars_string" -} - -######################## -# Print harbor-core runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_core_print_env() { - # The CSRF key can only be up to 32 characters long - HARBOR_CORE_CFG_CSRF_KEY="${HARBOR_CORE_CFG_CSRF_KEY:0:32}" - for var in "${!HARBOR_CORE_CFG_@}"; do - echo "${var/HARBOR_CORE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-core is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_running() { - # harbor-core does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_core)" > "$HARBOR_CORE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_CORE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-core is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_core_not_running() { - ! is_harbor_core_running -} - -######################## -# Stop harbor-core -# Arguments: -# None -# Returns: -# None -######################### -harbor_core_stop() { - ! is_harbor_core_running && return - stop_service_using_pid "$HARBOR_CORE_PID_FILE" -} - -######################## -# Print harbor-jobservice runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_jobservice_print_env() { - for var in "${!HARBOR_JOBSERVICE_CFG_@}"; do - echo "${var/HARBOR_JOBSERVICE_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-jobservice is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_running() { - # harbor-jobservice does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_jobservice)" > "$HARBOR_JOBSERVICE_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_JOBSERVICE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-jobservice is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_jobservice_not_running() { - ! is_harbor_jobservice_running -} - -######################## -# Stop harbor-jobservice -# Arguments: -# None -# Returns: -# None -######################### -harbor_jobservice_stop() { - ! is_harbor_jobservice_running && return - stop_service_using_pid "$HARBOR_JOBSERVICE_PID_FILE" -} - -######################## -# Print harbor-registry runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registry_print_env() { - if [[ -n "$HARBOR_REGISTRY_USER" && -n "$HARBOR_REGISTRY_PASSWORD" ]]; then - HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRY_USER" "$HARBOR_REGISTRY_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRY_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRY_CFG_@}"; do - echo "${var/HARBOR_REGISTRY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registry is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_running() { - # harbor-registry does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v registry)" > "$HARBOR_REGISTRY_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registry is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registry_not_running() { - ! is_harbor_registry_running -} - -######################## -# Stop harbor-registry -# Arguments: -# None -# Returns: -# None -######################### -harbor_registry_stop() { - ! is_harbor_registry_running && return - stop_service_using_pid "$HARBOR_REGISTRY_PID_FILE" -} - -######################## -# Print harbor-registryctl runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_registryctl_print_env() { - if [[ -n "$HARBOR_REGISTRYCTL_USER" && -n "$HARBOR_REGISTRYCTL_PASSWORD" ]]; then - HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD="$(htpasswd -nbBC10 "$HARBOR_REGISTRYCTL_USER" "$HARBOR_REGISTRYCTL_PASSWORD")" - # Update passwd file - echo "$HARBOR_REGISTRYCTL_CFG_REGISTRY_HTPASSWD" >/etc/registry/passwd - fi - for var in "${!HARBOR_REGISTRYCTL_CFG_@}"; do - echo "${var/HARBOR_REGISTRYCTL_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-registryctl is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_running() { - # harbor-registryctl does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v harbor_registryctl)" > "$HARBOR_REGISTRYCTL_PID_FILE" - - pid="$(get_pid_from_file "$HARBOR_REGISTRYCTL_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-registryctl is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_registryctl_not_running() { - ! is_harbor_registryctl_running -} - -######################## -# Stop harbor-registryctl -# Arguments: -# None -# Returns: -# None -######################### -harbor_registryctl_stop() { - ! is_harbor_registryctl_running && return - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" - # The service may not respond properly to the default kill signal, so send a SIGKILL if it fails - local -r retries=5 - local -r sleep_time=1 - if ! retry_while "is_harbor_registryctl_not_running" "$retries" "$sleep_time"; then - stop_service_using_pid "$HARBOR_REGISTRYCTL_PID_FILE" SIGKILL - fi -} - -######################## -# Print harbor-adapter-trivy runtime environment -# Arguments: -# None -# Returns: -# Boolean -######################### -harbor_adapter_trivy_print_env() { - for var in "${!SCANNER_TRIVY_CFG_@}"; do - echo "${var/SCANNER_TRIVY_CFG_/}=${!var}" - done -} - -######################## -# Check if harbor-adapter-trivy is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_running() { - # harbor-adapter-trivy does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "$(command -v scanner-trivy)" > "$SCANNER_TRIVY_PID_FILE" - - pid="$(get_pid_from_file "$SCANNER_TRIVY_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if harbor-adapter-trivy is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_harbor_adapter_trivy_not_running() { - ! is_harbor_adapter_trivy_running -} - -######################## -# Stop harbor-adapter-trivy -# Arguments: -# None -# Returns: -# None -######################### -harbor_adapter_trivy_stop() { - ! is_harbor_adapter_trivy_running && return - stop_service_using_pid "$SCANNER_TRIVY_PID_FILE" -} - diff --git a/bitnami/harbor-registryctl/2/debian-11/tags-info.yaml b/bitnami/harbor-registryctl/2/debian-11/tags-info.yaml deleted file mode 100644 index fa154790da8f..000000000000 --- a/bitnami/harbor-registryctl/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.0 -- latest diff --git a/bitnami/influxdb/2/debian-11/Dockerfile b/bitnami/influxdb/2/debian-11/Dockerfile deleted file mode 100644 index 7444ce424d93..000000000000 --- a/bitnami/influxdb/2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:30:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.7.5-debian-11-r27" \ - org.opencontainers.image.title="influxdb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.7.5" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "influxdb-2.7.5-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/influxdb/postunpack.sh -ENV APP_VERSION="2.7.5" \ - BITNAMI_APP_NAME="influxdb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/influxdb/bin:$PATH" - -VOLUME [ "/bitnami/influxdb" ] - -EXPOSE 8086 8088 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/influxdb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/influxdb/run.sh" ] diff --git a/bitnami/influxdb/2/debian-11/docker-compose.yml b/bitnami/influxdb/2/debian-11/docker-compose.yml deleted file mode 100644 index fa72fbaeba50..000000000000 --- a/bitnami/influxdb/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - influxdb: - image: docker.io/bitnami/influxdb:2 - ports: - - 8086:8086 - - 8088:8088 - environment: - - INFLUXDB_ADMIN_USER_PASSWORD=bitnami123 - - INFLUXDB_ADMIN_USER_TOKEN=admintoken123 - volumes: - - influxdb_data:/bitnami/influxdb -volumes: - influxdb_data: - driver: local diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a8b43366fba1..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "influxdb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.7.5-4" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/influxdb/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb-env.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb-env.sh deleted file mode 100644 index 8c606ca3079c..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb-env.sh +++ /dev/null @@ -1,120 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for influxdb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-influxdb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -influxdb_env_vars=( - INFLUXDB_DATA_DIR - INFLUXDB_DATA_WAL_DIR - INFLUXDB_META_DIR - INFLUXDB_REPORTING_DISABLED - INFLUXDB_HTTP_PORT_NUMBER - INFLUXDB_HTTP_BIND_ADDRESS - INFLUXDB_HTTP_READINESS_TIMEOUT - INFLUXDB_PORT_NUMBER - INFLUXDB_BIND_ADDRESS - INFLUXDB_PORT_READINESS_TIMEOUT - INFLUXDB_HTTP_AUTH_ENABLED - INFLUXDB_ADMIN_USER - INFLUXDB_ADMIN_USER_PASSWORD - INFLUXDB_ADMIN_USER_TOKEN - INFLUXDB_ADMIN_CONFIG_NAME - INFLUXDB_ADMIN_ORG - INFLUXDB_ADMIN_BUCKET - INFLUXDB_ADMIN_RETENTION - INFLUXDB_USER - INFLUXDB_USER_PASSWORD - INFLUXDB_USER_ORG - INFLUXDB_USER_BUCKET - INFLUXDB_CREATE_USER_TOKEN - INFLUXDB_READ_USER - INFLUXDB_READ_USER_PASSWORD - INFLUXDB_WRITE_USER - INFLUXDB_WRITE_USER_PASSWORD - INFLUXDB_DB -) -for env_var in "${influxdb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset influxdb_env_vars - -# Paths -export INFLUXDB_BASE_DIR="${BITNAMI_ROOT_DIR}/influxdb" -export INFLUXDB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/influxdb" -export INFLUXDB_BIN_DIR="${INFLUXDB_BASE_DIR}/bin" -export INFLUXDB_DATA_DIR="${INFLUXDB_DATA_DIR:-${INFLUXDB_VOLUME_DIR}/data}" -export INFLUXDB_DATA_WAL_DIR="${INFLUXDB_DATA_WAL_DIR:-${INFLUXDB_VOLUME_DIR}/wal}" -export INFLUXDB_META_DIR="${INFLUXDB_META_DIR:-${INFLUXDB_VOLUME_DIR}/meta}" -export INFLUXDB_CONF_DIR="${INFLUXDB_BASE_DIR}/etc" -export INFLUXDB_CONF_FILE="${INFLUXDB_CONF_DIR}/influxdb.conf" -export INFLUXDB_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" - -# InfluxDB 2.x aliases -export INFLUXD_ENGINE_PATH="${INFLUXDB_VOLUME_DIR}" -export INFLUXD_BOLT_PATH="${INFLUXDB_VOLUME_DIR}/influxd.bolt" -export INFLUXD_CONFIG_PATH="${INFLUXDB_CONF_DIR}/influxdb.conf" -export INFLUX_CONFIGS_PATH="${INFLUXDB_VOLUME_DIR}/configs" - -# System users (when running with a privileged user) -export INFLUXDB_DAEMON_USER="influxdb" -export INFLUXDB_DAEMON_GROUP="influxdb" - -# InfluxDB server settings -export INFLUXDB_REPORTING_DISABLED="${INFLUXDB_REPORTING_DISABLED:-true}" -export INFLUXDB_HTTP_PORT_NUMBER="${INFLUXDB_HTTP_PORT_NUMBER:-8086}" -export INFLUXDB_HTTP_BIND_ADDRESS="${INFLUXDB_HTTP_BIND_ADDRESS:-0.0.0.0:${INFLUXDB_HTTP_PORT_NUMBER}}" -export INFLUXD_HTTP_BIND_ADDRESS="$INFLUXDB_HTTP_BIND_ADDRESS" -export INFLUXDB_HTTP_READINESS_TIMEOUT="${INFLUXDB_HTTP_READINESS_TIMEOUT:-60}" -export INFLUXDB_PORT_NUMBER="${INFLUXDB_PORT_NUMBER:-8088}" -export INFLUXDB_BIND_ADDRESS="${INFLUXDB_BIND_ADDRESS:-0.0.0.0:${INFLUXDB_PORT_NUMBER}}" -export INFLUXDB_PORT_READINESS_TIMEOUT="${INFLUXDB_PORT_READINESS_TIMEOUT:-30}" - -# InfluxDB auth settings -export INFLUXDB_HTTP_AUTH_ENABLED="${INFLUXDB_HTTP_AUTH_ENABLED:-true}" -export INFLUXDB_ADMIN_USER="${INFLUXDB_ADMIN_USER:-admin}" -export INFLUXDB_ADMIN_USER_PASSWORD="${INFLUXDB_ADMIN_USER_PASSWORD:-}" -export INFLUXDB_ADMIN_USER_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN:-}" -export INFLUXDB_ADMIN_CONFIG_NAME="${INFLUXDB_ADMIN_CONFIG_NAME:-default}" -export INFLUXDB_ADMIN_ORG="${INFLUXDB_ADMIN_ORG:-primary}" -export INFLUXDB_ADMIN_BUCKET="${INFLUXDB_ADMIN_BUCKET:-primary}" -export INFLUXDB_ADMIN_RETENTION="${INFLUXDB_ADMIN_RETENTION:-0}" -export INFLUXDB_USER="${INFLUXDB_USER:-}" -export INFLUXDB_USER_PASSWORD="${INFLUXDB_USER_PASSWORD:-}" -export INFLUXDB_USER_ORG="${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}" -export INFLUXDB_USER_BUCKET="${INFLUXDB_USER_BUCKET:-}" -export INFLUXDB_CREATE_USER_TOKEN="${INFLUXDB_CREATE_USER_TOKEN:-no}" -export INFLUXDB_READ_USER="${INFLUXDB_READ_USER:-}" -export INFLUXDB_READ_USER_PASSWORD="${INFLUXDB_READ_USER_PASSWORD:-}" -export INFLUXDB_WRITE_USER="${INFLUXDB_WRITE_USER:-}" -export INFLUXDB_WRITE_USER_PASSWORD="${INFLUXDB_WRITE_USER_PASSWORD:-}" -export INFLUXDB_DB="${INFLUXDB_DB:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/entrypoint.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/entrypoint.sh deleted file mode 100755 index 12e1d9b17648..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libinfluxdb.sh - -# Load InfluxDB environment variables -. /opt/bitnami/scripts/influxdb-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/influxdb/run.sh"* ]]; then - info "** Starting InfluxDB setup **" - /opt/bitnami/scripts/influxdb/setup.sh - info "** InfluxDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/postunpack.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/postunpack.sh deleted file mode 100755 index 0cc7350527fb..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/postunpack.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libinfluxdb.sh - -# Load InfluxDB environment variables -. /opt/bitnami/scripts/influxdb-env.sh - -ensure_user_exists "$INFLUXDB_DAEMON_USER" --group "$INFLUXDB_DAEMON_GROUP" - -# Ensure directories used by InfluxDB exist and have proper ownership and permissions -for dir in "$INFLUXDB_VOLUME_DIR" "$INFLUXDB_DATA_DIR" "$INFLUXDB_DATA_WAL_DIR" "$INFLUXDB_META_DIR" "$INFLUXDB_CONF_DIR" "$INFLUXDB_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "${INFLUXDB_DAEMON_USER}:root" "$dir" -done - -touch "$HOME/.influx_history" && chmod g+rwX "$HOME/.influx_history" diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/run.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/run.sh deleted file mode 100755 index 64601c379b23..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/run.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libinfluxdb.sh - -# Load InfluxDB environment variables -. /opt/bitnami/scripts/influxdb-env.sh - -info "** Starting InfluxDB **" -if [[ -f "$INFLUXDB_CONF_FILE" ]]; then - export INFLUXD_CONFIG_PATH=${INFLUXDB_CONF_FILE:-} -fi - -export HOME=/bitnami/influxdb/ - -if am_i_root; then - exec_as_user "$INFLUXDB_DAEMON_USER" "${INFLUXDB_BIN_DIR}/influxd" "$@" -else - exec "${INFLUXDB_BIN_DIR}/influxd" "$@" -fi diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/setup.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/setup.sh deleted file mode 100755 index fe71f2b87f96..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/influxdb/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libinfluxdb.sh - -# Load InfluxDB environment variables -. /opt/bitnami/scripts/influxdb-env.sh - -# Ensure InfluxDB environment variables are valid -influxdb_validate -# Ensure InfluxDB user and group exist when running as 'root' -if am_i_root; then - chown -R "$INFLUXDB_DAEMON_USER" "$INFLUXDB_DATA_DIR" "$INFLUXDB_CONF_DIR" -fi -# Ensure InfluxDB is stopped when this script ends. -trap "influxdb_stop" EXIT -# Ensure InfluxDB is initialized -influxdb_initialize -# Allow running custom initialization scripts -influxdb_custom_init_scripts diff --git a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/libinfluxdb.sh b/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/libinfluxdb.sh deleted file mode 100644 index c0dbd09bddad..000000000000 --- a/bitnami/influxdb/2/debian-11/rootfs/opt/bitnami/scripts/libinfluxdb.sh +++ /dev/null @@ -1,463 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami InfluxDB library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Validate settings in INFLUXDB_* env vars -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_validate() { - local error_code=0 - debug "Validating settings in INFLUXDB_* env vars..." - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if [[ "${!i}" -eq "${!j}" ]]; then - print_validation_error "${!i} and ${!j} are bound to the same port" - fi - done - done - } - - # InfluxDB authentication validations - if [[ -z "${INFLUXDB_ADMIN_USER_PASSWORD:-}" ]]; then - print_validation_error "Primary config authentication is required. Please, specify a password for the ${INFLUXDB_ADMIN_USER} user by setting the 'INFLUXDB_ADMIN_USER_PASSWORD' or 'INFLUXDB_ADMIN_USER_PASSWORD_FILE' environment variables." - fi - if [[ -z "${INFLUXDB_ADMIN_USER_TOKEN:-}" ]]; then - print_validation_error "Primary config authentication is required. Please, specify a token for the ${INFLUXDB_ADMIN_USER} user by setting the 'INFLUXDB_ADMIN_USER_TOKEN' or 'INFLUXDB_ADMIN_USER_TOKEN_FILE' environment variables." - fi - - if [[ -n "${INFLUXDB_USER:-}" ]] && [[ -z "${INFLUXDB_USER_PASSWORD:-}" ]]; then - print_validation_error "User authentication is required. Please, specify a password for the ${INFLUXDB_USER} user by setting the 'INFLUXDB_USER_PASSWORD' or 'INFLUXDB_USER_PASSWORD_FILE' environment variables." - fi - - # InfluxDB port validations - local -a ports_envs=("INFLUXDB_PORT_NUMBER" "INFLUXDB_HTTP_PORT_NUMBER") - for p in "${ports_envs[@]}"; do - if ! is_empty_value "${!p}" && ! err=$(validate_port -unprivileged "${!p}"); then - print_validation_error "An invalid port was specified in the environment variable ${p}: ${err}" - fi - done - check_conflicting_ports "${ports_envs[@]}" - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Get a property's value from the the influxdb.conf file -# Globals: -# INFLUXDB_* -# Arguments: -# $1 - key -# $2 - section -# Returns: -# None -######################### -influxdb_conf_get() { - local -r key="${1:?missing key}" - - # TODO: Improve logic by using toml-parser (or an alternative) - # local -r section="${2:?missing section}" - # toml-parser -r "$section" "$key" "$INFLUXDB_CONF_FILE" - - sed -n -e "s/^ *$key *= *//p" "$INFLUXDB_CONF_FILE" -} - -######################## -# Create basic influxdb.conf file using the example provided in the etc/ folder -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_config() { - local config_file="${INFLUXD_CONFIG_PATH}" - - if [[ -f "${config_file}" ]]; then - info "Custom configuration ${INFLUXDB_CONF_FILE} detected!" - warn "The 'INFLUXDB_' environment variables override the equivalent options in the configuration file." - warn "If a configuration option is not specified in either the configuration file or in an environment variable, InfluxDB uses its internal default configuration" - else - info "No injected configuration files found. Creating default config files..." - touch "${config_file}" - fi -} - -######################## -# Create primary setup -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_primary_setup() { - "${INFLUXDB_BIN_DIR}/influx" setup -f --name "${INFLUXDB_ADMIN_CONFIG_NAME}" \ - --org "${INFLUXDB_ADMIN_ORG}" \ - --bucket "${INFLUXDB_ADMIN_BUCKET}" \ - --username "${INFLUXDB_ADMIN_USER}" \ - --password "${INFLUXDB_ADMIN_USER_PASSWORD}" \ - --token "${INFLUXDB_ADMIN_USER_TOKEN}" \ - --retention "${INFLUXDB_ADMIN_RETENTION}" -} - -######################## -# Create organization -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_org() { - INFLUX_ACTIVE_CONFIG="${INFLUXDB_ADMIN_CONFIG_NAME}" "${INFLUXDB_BIN_DIR}/influx" org create --name "${INFLUXDB_USER_ORG}" -} - -######################## -# Create bucket -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_bucket() { - INFLUX_ACTIVE_CONFIG="${INFLUXDB_ADMIN_CONFIG_NAME}" "${INFLUXDB_BIN_DIR}/influx" bucket create \ - "--org" "${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}" \ - "--name" "${INFLUXDB_USER_BUCKET}" -} - -######################## -# Create user -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_user() { - local username=${1:?missing username} - local password=${2:?missing password} - local kind=${3:-"admin"} - - local params=("--org" "${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}" "--name" "${username}" "--password" "${password}") - INFLUX_ACTIVE_CONFIG="${INFLUXDB_ADMIN_CONFIG_NAME}" "${INFLUXDB_BIN_DIR}/influx" user create "${params[@]}" - - if is_boolean_yes "${INFLUXDB_CREATE_USER_TOKEN}"; then - local read_grants=("--read-buckets" "--read-checks" "--read-dashboards" "--read-dbrp" "--read-notificationEndpoints" "--read-notificationRules" "--read-orgs" "--read-tasks") - local write_grants=("--write-buckets" "--write-checks" "--write-dashboards" "--write-dbrp" "--write-notificationEndpoints" "--write-notificationRules" "--write-orgs" "--write-tasks") - - local -a grants - if [[ ${kind} = "admin" ]] || [[ ${kind} = "write" ]]; then - grants+=("${read_grants[@]}" "${write_grants[@]}") - elif [[ ${kind} = "read" ]]; then - grants+=("${read_grants[@]}") - else - echo "not supported user kind: ${kind}" && exit 1 - fi - - INFLUX_ACTIVE_CONFIG="${INFLUXDB_ADMIN_CONFIG_NAME}" "${INFLUXDB_BIN_DIR}/influx" auth create \ - --user "${username}" \ - --org "${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}" "${grants[@]}" - fi -} - -######################## -# Start InfluxDB in background disabling authentication and waits until it's ready -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_start_bg_noauth() { - info "Starting InfluxDB in background..." - - local start_command=("${INFLUXDB_BIN_DIR}/influxd") - # if root user then run it with chroot - am_i_root && start_command=("run_as_user" "$INFLUXDB_DAEMON_USER" "${start_command[@]}") - - INFLUXDB_HTTP_HTTPS_ENABLED=false INFLUXDB_HTTP_BIND_ADDRESS="127.0.0.1:${INFLUXDB_HTTP_PORT_NUMBER}" debug_execute "${start_command[@]}" & - - wait-for-port --timeout="$INFLUXDB_PORT_READINESS_TIMEOUT" "$INFLUXDB_HTTP_PORT_NUMBER" - - wait_for_influxdb -} - -######################## -# Waits for InfluxDB to be ready -# Times out after 60 seconds -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################## -wait_for_influxdb() { - curl -sSL -I "127.0.0.1:${INFLUXDB_HTTP_PORT_NUMBER}/ping?wait_for_leader=${INFLUXDB_HTTP_READINESS_TIMEOUT}s" >/dev/null 2>&1 -} - -######################## -# Check if InfluxDB is running -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_influxdb_running() { - # VMs use a PID file, but containers do not, so check if the variable exists to cover both scenarios - if [[ -n "${INFLUXDB_PID_FILE:-}" ]]; then - # influxdb does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep "influxd" | head -n 1 > "$INFLUXDB_PID_FILE" - - local pid - pid="$(get_pid_from_file "$INFLUXDB_PID_FILE")" - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi - elif pgrep "influxd" >/dev/null 2>&1; then - true - else - false - fi -} - -######################## -# Check if InfluxDB is not running -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_influxdb_not_running() { - ! is_influxdb_running -} - -######################## -# Stop InfluxDB -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_stop() { - info "Stopping InfluxDB..." - ! is_influxdb_running && return - pkill --full --signal TERM "$INFLUXDB_BASE_DIR" - wait-for-port --state free "$INFLUXDB_PORT_NUMBER" -} - -######################## -# Execute an arbitrary query using InfluxDB CLI -# Globals: -# INFLUXDB_* -# Arguments: -# $1 - Query to execute -# $2 - Whether to use admin credentials to run the command or not -# Returns: -# None -######################### -influxdb_execute_query() { - local -r query="${1:-query is required}" - local authenticate="${2:-false}" - local flags=("-host" "127.0.0.1" "-port" "$INFLUXDB_HTTP_PORT_NUMBER") - - is_boolean_yes "$authenticate" && flags+=("-username" "${INFLUXDB_ADMIN_USER}" "-password" "${INFLUXDB_ADMIN_USER_PASSWORD}") - debug_execute "${INFLUXDB_BIN_DIR}/influx" "${flags[@]}" "-execute" "$query" -} - -######################## -# Creates the admin user -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_create_admin_user() { - debug "Creating admin user..." - influxdb_execute_query "CREATE USER \"${INFLUXDB_ADMIN_USER}\" WITH PASSWORD '${INFLUXDB_ADMIN_USER_PASSWORD}' WITH ALL PRIVILEGES" -} - -######################## -# Creates a database -# Globals: -# INFLUXDB_* -# Arguments: -# $1 - Database name -# Returns: -# None -######################### -influxdb_create_db() { - local -r db="${1:?db is required}" - debug "Creating database \"${db}\"..." - influxdb_execute_query "CREATE DATABASE ${db}" "true" -} - -######################## -# Creates a database -# Globals: -# INFLUXDB_* -# Arguments: -# $1 - User name -# $2 - Database name -# $3 - Role -# Returns: -# None -######################### -influxdb_grant() { - local -r user="${1:?user is required}" - local -r db="${2:?db is required}" - local -r role="${3:?role is required}" - debug "Granting \"${role}\" permissions to user ${user} on database \"${db}\"..." - influxdb_execute_query "GRANT ${role} ON \"${db}\" TO \"${user}\"" "true" -} - -######################## -# Gets the role for an user -# Arguments: -# $1 - user -# Returns: -# String -######################### -influxdb_user_role() { - local role - local -r user="${1:?user is required}" - role="${user//_/}" - role="${role%USER}" - role="${role#INFLUXDB}" - echo "${role:-ALL}" -} - -######################## -# Ensure InfluxDB is initialized -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_initialize() { - influxdb_create_config - - if [[ ! -f "${INFLUX_CONFIGS_PATH}" ]]; then - influxdb_start_bg_noauth - info "Deploying InfluxDB from scratch" - info "Creating primary setup..." - influxdb_create_primary_setup - - if [[ -n "${INFLUXDB_USER_ORG}" ]] && [[ "${INFLUXDB_USER_ORG}" != "${INFLUXDB_ADMIN_ORG}" ]]; then - info "Creating custom org with id: ${INFLUXDB_USER_ORG}..." - influxdb_create_org - fi - - if [[ -n "${INFLUXDB_USER_BUCKET}" ]]; then - info "Creating custom bucket with id: ${INFLUXDB_USER_BUCKET} in org with id: ${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}..." - influxdb_create_bucket - fi - - if [[ -n "${INFLUXDB_USER}" ]]; then - info "Creating custom user with username: ${INFLUXDB_USER} in org with id: ${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}..." - influxdb_create_user "${INFLUXDB_USER}" "${INFLUXDB_USER_PASSWORD}" - fi - if [[ -n "${INFLUXDB_READ_USER}" ]]; then - info "Creating custom user with username: ${INFLUXDB_READ_USER} in org with id: ${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}..." - influxdb_create_user "${INFLUXDB_READ_USER}" "${INFLUXDB_READ_USER_PASSWORD}" "read" - fi - if [[ -n "${INFLUXDB_WRITE_USER}" ]]; then - info "Creating custom user with username: ${INFLUXDB_WRITE_USER} in org with id: ${INFLUXDB_USER_ORG:-${INFLUXDB_ADMIN_ORG}}..." - influxdb_create_user "${INFLUXDB_WRITE_USER}" "${INFLUXDB_WRITE_USER_PASSWORD}" "write" - fi - else - info "influx CLI configuration ${INFLUXDB_CONF_FILE} detected!" - info "Deploying InfluxDB with persisted data" - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# INFLUXDB_* -# Arguments: -# None -# Returns: -# None -######################### -influxdb_custom_init_scripts() { - if [[ -n $(find "${INFLUXDB_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\|txt\)") ]] && [[ ! -f "${INFLUXDB_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from ${INFLUXDB_INITSCRIPTS_DIR} ..." - local -r tmp_file="/tmp/filelist" - if ! is_influxdb_running; then - influxdb_start_bg_noauth - fi - find "${INFLUXDB_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\|txt\)" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *.txt) - debug "Executing $f" - influxdb_execute_query "$(<"$f")" - ;; - *) debug "Ignoring $f" ;; - esac - done <$tmp_file - rm -f "$tmp_file" - touch "$INFLUXDB_VOLUME_DIR"/.user_scripts_initialized - fi -} diff --git a/bitnami/influxdb/2/debian-11/tags-info.yaml b/bitnami/influxdb/2/debian-11/tags-info.yaml deleted file mode 100644 index 3e9aaaadfd80..000000000000 --- a/bitnami/influxdb/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.7.5 -- latest diff --git a/bitnami/jaeger/1/debian-11/Dockerfile b/bitnami/jaeger/1/debian-11/Dockerfile deleted file mode 100644 index 3ae9ceefad65..000000000000 --- a/bitnami/jaeger/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:39:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.54.0-debian-11-r21" \ - org.opencontainers.image.title="jaeger" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.54.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "jaeger-1.54.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.54.0" \ - BITNAMI_APP_NAME="jaeger" \ - PATH="/opt/bitnami/jaeger/bin:$PATH" - -WORKDIR /opt/bitnami/jaeger -USER 1001 -ENTRYPOINT [ "/opt/bitnami/jaeger/bin/jaeger-all-in-one" ] diff --git a/bitnami/jaeger/1/debian-11/docker-compose.yml b/bitnami/jaeger/1/debian-11/docker-compose.yml deleted file mode 100644 index e4e452748e9d..000000000000 --- a/bitnami/jaeger/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - jaeger: - image: docker.io/bitnami/jaeger:1 - ports: - - 6831:6831 - - 6832:6832 - - 5778:5778 - - 16686:16686 - - 4317:4317 - - 4318:4318 - - 14250:14250 - - 14268:14268 - - 14269:14269 - - 9411:9411 - environment: - - COLLECTOR_ZIPKIN_HOST_PORT=:9411 - - COLLECTOR_OTLP_ENABLED=true diff --git a/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f0ac86ad2510..000000000000 --- a/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "jaeger": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.54.0-1" - } -} \ No newline at end of file diff --git a/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jaeger/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jaeger/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jaeger/1/debian-11/tags-info.yaml b/bitnami/jaeger/1/debian-11/tags-info.yaml deleted file mode 100644 index 436647aa4a3f..000000000000 --- a/bitnami/jaeger/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.54.0 -- latest diff --git a/bitnami/java/1.8/debian-11/Dockerfile b/bitnami/java/1.8/debian-11/Dockerfile deleted file mode 100644 index c9a2882665e5..000000000000 --- a/bitnami/java/1.8/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:44:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.8.402-7-debian-11-r22" \ - org.opencontainers.image.title="java" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.8.402-7" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libfontconfig libgcc-s1 libsqlite3-dev libssl-dev locales procps wget -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-1.8.402-7-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="1.8.402-7" \ - BITNAMI_APP_NAME="java" \ - JAVA_HOME="/opt/bitnami/java" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - PATH="/opt/bitnami/java/bin:$PATH" - -ENTRYPOINT [ "/opt/bitnami/scripts/java/entrypoint.sh" ] -CMD [ "bash" ] diff --git a/bitnami/java/1.8/debian-11/docker-compose.yml b/bitnami/java/1.8/debian-11/docker-compose.yml deleted file mode 100644 index f9aac74849a5..000000000000 --- a/bitnami/java/1.8/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - java: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/java:1.8 - command: ["tail", "-f", "/dev/null"] # To keep the container running - ports: - - 8080:8080 - volumes: - - .:/app diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 216baacba17f..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.8.402-7-2" - } -} \ No newline at end of file diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/java/1.8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh b/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh deleted file mode 100755 index c937a8fa4b18..000000000000 --- a/bitnami/java/1.8/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose - -# Defaults -WITH_ALL_LOCALES="${WITH_ALL_LOCALES:-no}" -EXTRA_LOCALES="${EXTRA_LOCALES:-}" - -# Constants -LOCALES_FILE="/etc/locale.gen" -SUPPORTED_LOCALES_FILE="/usr/share/i18n/SUPPORTED" - -# Helper function for enabling locale only when it was not added before -enable_locale() { - local -r locale="${1:?missing locale}" - if ! grep -q -E "^${locale}$" "$SUPPORTED_LOCALES_FILE"; then - echo "Locale ${locale} is not supported in this system" - return 1 - fi - if ! grep -q -E "^${locale}" "$LOCALES_FILE"; then - echo "$locale" >> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/java/1.8/debian-11/tags-info.yaml b/bitnami/java/1.8/debian-11/tags-info.yaml deleted file mode 100644 index 0c9fcd7e6528..000000000000 --- a/bitnami/java/1.8/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.8" -- 1.8-debian-11 -- 1.8.402-7 diff --git a/bitnami/java/11/debian-11/Dockerfile b/bitnami/java/11/debian-11/Dockerfile deleted file mode 100644 index c9e421c7f463..000000000000 --- a/bitnami/java/11/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:55:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.0.22-12-debian-11-r22" \ - org.opencontainers.image.title="java" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.0.22-12" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libfontconfig libsqlite3-dev libssl-dev locales procps wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-11.0.22-12-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="11.0.22-12" \ - BITNAMI_APP_NAME="java" \ - JAVA_HOME="/opt/bitnami/java" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - PATH="/opt/bitnami/java/bin:$PATH" - -ENTRYPOINT [ "/opt/bitnami/scripts/java/entrypoint.sh" ] -CMD [ "bash" ] diff --git a/bitnami/java/11/debian-11/docker-compose.yml b/bitnami/java/11/debian-11/docker-compose.yml deleted file mode 100644 index 4c7f2b6b3fc7..000000000000 --- a/bitnami/java/11/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - java: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/java:11 - command: ["tail", "-f", "/dev/null"] # To keep the container running - ports: - - 8080:8080 - volumes: - - .:/app diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ba9338d5a48b..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-2" - } -} \ No newline at end of file diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/java/11/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/java/11/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/java/11/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/java/11/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/java/11/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh b/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh deleted file mode 100755 index c937a8fa4b18..000000000000 --- a/bitnami/java/11/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose - -# Defaults -WITH_ALL_LOCALES="${WITH_ALL_LOCALES:-no}" -EXTRA_LOCALES="${EXTRA_LOCALES:-}" - -# Constants -LOCALES_FILE="/etc/locale.gen" -SUPPORTED_LOCALES_FILE="/usr/share/i18n/SUPPORTED" - -# Helper function for enabling locale only when it was not added before -enable_locale() { - local -r locale="${1:?missing locale}" - if ! grep -q -E "^${locale}$" "$SUPPORTED_LOCALES_FILE"; then - echo "Locale ${locale} is not supported in this system" - return 1 - fi - if ! grep -q -E "^${locale}" "$LOCALES_FILE"; then - echo "$locale" >> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/java/11/debian-11/tags-info.yaml b/bitnami/java/11/debian-11/tags-info.yaml deleted file mode 100644 index fdbe66b68d21..000000000000 --- a/bitnami/java/11/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "11" -- 11-debian-11 -- 11.0.22-12 diff --git a/bitnami/java/17/debian-11/Dockerfile b/bitnami/java/17/debian-11/Dockerfile deleted file mode 100644 index 5cba6eeed2b2..000000000000 --- a/bitnami/java/17/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T04:58:13Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="17.0.10-13-debian-11-r21" \ - org.opencontainers.image.title="java" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="17.0.10-13" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libfontconfig libsqlite3-dev libssl-dev locales procps wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="17.0.10-13" \ - BITNAMI_APP_NAME="java" \ - JAVA_HOME="/opt/bitnami/java" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - PATH="/opt/bitnami/java/bin:$PATH" - -ENTRYPOINT [ "/opt/bitnami/scripts/java/entrypoint.sh" ] -CMD [ "bash" ] diff --git a/bitnami/java/17/debian-11/docker-compose.yml b/bitnami/java/17/debian-11/docker-compose.yml deleted file mode 100644 index 123407c5d77c..000000000000 --- a/bitnami/java/17/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - java: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/java:17 - command: ["tail", "-f", "/dev/null"] # To keep the container running - ports: - - 8080:8080 - volumes: - - .:/app diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index eac3a2054476..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - } -} \ No newline at end of file diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/java/17/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/java/17/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/java/17/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/java/17/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/java/17/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh b/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh deleted file mode 100755 index c937a8fa4b18..000000000000 --- a/bitnami/java/17/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose - -# Defaults -WITH_ALL_LOCALES="${WITH_ALL_LOCALES:-no}" -EXTRA_LOCALES="${EXTRA_LOCALES:-}" - -# Constants -LOCALES_FILE="/etc/locale.gen" -SUPPORTED_LOCALES_FILE="/usr/share/i18n/SUPPORTED" - -# Helper function for enabling locale only when it was not added before -enable_locale() { - local -r locale="${1:?missing locale}" - if ! grep -q -E "^${locale}$" "$SUPPORTED_LOCALES_FILE"; then - echo "Locale ${locale} is not supported in this system" - return 1 - fi - if ! grep -q -E "^${locale}" "$LOCALES_FILE"; then - echo "$locale" >> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/java/17/debian-11/tags-info.yaml b/bitnami/java/17/debian-11/tags-info.yaml deleted file mode 100644 index 7718a1efc1c3..000000000000 --- a/bitnami/java/17/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "17" -- 17-debian-11 -- 17.0.10-13 diff --git a/bitnami/java/21/debian-11/Dockerfile b/bitnami/java/21/debian-11/Dockerfile deleted file mode 100644 index 012b80db6b0e..000000000000 --- a/bitnami/java/21/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:01:07Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="21.0.2-14-debian-11-r21" \ - org.opencontainers.image.title="java" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="21.0.2-14" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libfontconfig libsqlite3-dev libssl-dev locales procps wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-21.0.2-14-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN localedef -c -f UTF-8 -i en_US en_US.UTF-8 -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-locale LANG=C.UTF-8 LC_MESSAGES=POSIX && \ - DEBIAN_FRONTEND=noninteractive dpkg-reconfigure locales -RUN echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -COPY rootfs / -RUN /opt/bitnami/scripts/locales/add-extra-locales.sh -RUN /opt/bitnami/scripts/java/postunpack.sh -ENV APP_VERSION="21.0.2-14" \ - BITNAMI_APP_NAME="java" \ - JAVA_HOME="/opt/bitnami/java" \ - LANG="en_US.UTF-8" \ - LANGUAGE="en_US:en" \ - PATH="/opt/bitnami/java/bin:$PATH" - -ENTRYPOINT [ "/opt/bitnami/scripts/java/entrypoint.sh" ] -CMD [ "bash" ] diff --git a/bitnami/java/21/debian-11/docker-compose.yml b/bitnami/java/21/debian-11/docker-compose.yml deleted file mode 100644 index 2df81c681415..000000000000 --- a/bitnami/java/21/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - java: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/java:21 - command: ["tail", "-f", "/dev/null"] # To keep the container running - ports: - - 8080:8080 - volumes: - - .:/app diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c627fdaba3d5..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "21.0.2-14-2" - } -} \ No newline at end of file diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/java/21/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/java/21/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/java/21/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/java/21/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/java/21/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh b/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh deleted file mode 100755 index c937a8fa4b18..000000000000 --- a/bitnami/java/21/debian-11/rootfs/opt/bitnami/scripts/locales/add-extra-locales.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purpose - -# Defaults -WITH_ALL_LOCALES="${WITH_ALL_LOCALES:-no}" -EXTRA_LOCALES="${EXTRA_LOCALES:-}" - -# Constants -LOCALES_FILE="/etc/locale.gen" -SUPPORTED_LOCALES_FILE="/usr/share/i18n/SUPPORTED" - -# Helper function for enabling locale only when it was not added before -enable_locale() { - local -r locale="${1:?missing locale}" - if ! grep -q -E "^${locale}$" "$SUPPORTED_LOCALES_FILE"; then - echo "Locale ${locale} is not supported in this system" - return 1 - fi - if ! grep -q -E "^${locale}" "$LOCALES_FILE"; then - echo "$locale" >> "$LOCALES_FILE" - else - echo "Locale ${locale} is already enabled" - fi -} - -if [[ "$WITH_ALL_LOCALES" =~ ^(yes|true|1)$ ]]; then - echo "Enabling all locales" - cp "$SUPPORTED_LOCALES_FILE" "$LOCALES_FILE" -else - # shellcheck disable=SC2001 - LOCALES_TO_ADD="$(sed 's/[,;]\s*/\n/g' <<< "$EXTRA_LOCALES")" - while [[ -n "$LOCALES_TO_ADD" ]] && read -r locale; do - echo "Enabling locale ${locale}" - enable_locale "$locale" - done <<< "$LOCALES_TO_ADD" -fi - -locale-gen diff --git a/bitnami/java/21/debian-11/tags-info.yaml b/bitnami/java/21/debian-11/tags-info.yaml deleted file mode 100644 index 7c4f23c2560a..000000000000 --- a/bitnami/java/21/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "21" -- 21-debian-11 -- 21.0.2-14 -- latest diff --git a/bitnami/jax/0/debian-11/Dockerfile b/bitnami/jax/0/debian-11/Dockerfile deleted file mode 100644 index 059a6cb04dca..000000000000 --- a/bitnami/jax/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:08:12Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.4.24-debian-11-r19" \ - org.opencontainers.image.title="jax" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.4.24" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblzma5 libncursesw6 libnsl2 libreadline8 libsqlite3-0 libssl1.1 libstdc++6 libtinfo6 libtirpc3 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "jax-0.4.24-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root jax -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /.local && chmod g+rwX /.local - -RUN mkdir /app && chmod g+rwX /app -ENV APP_VERSION="0.4.24" \ - BITNAMI_APP_NAME="jax" \ - PATH="/opt/bitnami/python/bin:$PATH" - -WORKDIR /app -USER 1001 -ENTRYPOINT [ "python" ] diff --git a/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 30fb2053fa06..000000000000 --- a/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "jax": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.4.24-1" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jax/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jax/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jax/0/debian-11/tags-info.yaml b/bitnami/jax/0/debian-11/tags-info.yaml deleted file mode 100644 index 21aebfa57df3..000000000000 --- a/bitnami/jax/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.4.24 -- latest diff --git a/bitnami/jenkins-agent/0/debian-11/Dockerfile b/bitnami/jenkins-agent/0/debian-11/Dockerfile deleted file mode 100644 index 99b0b87cf76a..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:13:27Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.3206.0-debian-11-r23" \ - org.opencontainers.image.title="jenkins-agent" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.3206.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "jenkins-agent-0.3206.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/jenkins-agent/postunpack.sh -ENV APP_VERSION="0.3206.0" \ - BITNAMI_APP_NAME="jenkins-agent" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/jenkins-agent/entrypoint.sh" ] diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 80feb8a87873..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "jenkins-agent": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.3206.0-3" - } -} \ No newline at end of file diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent-env.sh b/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent-env.sh deleted file mode 100644 index 99a9b2cbf8fb..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent-env.sh +++ /dev/null @@ -1,101 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for jenkins-agent - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-jenkins-agent}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -jenkins_agent_env_vars=( - JENKINS_AGENT_TUNNEL - JENKINS_AGENT_URL - JENKINS_AGENT_PROTOCOLS - JENKINS_AGENT_DIRECT_CONNECTION - JENKINS_AGENT_INSTANCE_IDENTITY - JENKINS_AGENT_WORKDIR - JENKINS_AGENT_WEB_SOCKET - JENKINS_AGENT_SECRET - JENKINS_AGENT_NAME - JAVA_HOME - JAVA_OPTS - JENKINS_TUNNEL - JENKINS_URL - JENKINS_PROTOCOLS - JENKINS_DIRECT_CONNECTION - JENKINS_INSTANCE_IDENTITY - JENKINS_WORKDIR - AGENT_WORKDIR - JENKINS_WEB_SOCKET - JENKINS_SECRET - JENKINS_NAME -) -for env_var in "${jenkins_agent_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset jenkins_agent_env_vars - -# Paths -export JENKINS_AGENT_BASE_DIR="${BITNAMI_ROOT_DIR}/jenkins-agent" -export JENKINS_AGENT_LOGS_DIR="${JENKINS_AGENT_BASE_DIR}/logs" -export JENKINS_AGENT_LOG_FILE="${JENKINS_AGENT_LOGS_DIR}/jenkins-agent.log" -export JENKINS_AGENT_TMP_DIR="${JENKINS_AGENT_BASE_DIR}/tmp" -export JENKINS_AGENT_PID_FILE="${JENKINS_AGENT_TMP_DIR}/jenkins-agent.pid" - -# Jenkins Agent persistence configuration -export JENKINS_AGENT_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/jenkins" - -# System users (when running with a privileged user) -export JENKINS_AGENT_DAEMON_USER="jenkins" -export JENKINS_AGENT_DAEMON_GROUP="jenkins" - -# Jenkins Agent configuration -JENKINS_AGENT_TUNNEL="${JENKINS_AGENT_TUNNEL:-"${JENKINS_TUNNEL:-}"}" -export JENKINS_AGENT_TUNNEL="${JENKINS_AGENT_TUNNEL:-}" -JENKINS_AGENT_URL="${JENKINS_AGENT_URL:-"${JENKINS_URL:-}"}" -export JENKINS_AGENT_URL="${JENKINS_AGENT_URL:-}" -JENKINS_AGENT_PROTOCOLS="${JENKINS_AGENT_PROTOCOLS:-"${JENKINS_PROTOCOLS:-}"}" -export JENKINS_AGENT_PROTOCOLS="${JENKINS_AGENT_PROTOCOLS:-}" -JENKINS_AGENT_DIRECT_CONNECTION="${JENKINS_AGENT_DIRECT_CONNECTION:-"${JENKINS_DIRECT_CONNECTION:-}"}" -export JENKINS_AGENT_DIRECT_CONNECTION="${JENKINS_AGENT_DIRECT_CONNECTION:-}" -JENKINS_AGENT_INSTANCE_IDENTITY="${JENKINS_AGENT_INSTANCE_IDENTITY:-"${JENKINS_INSTANCE_IDENTITY:-}"}" -export JENKINS_AGENT_INSTANCE_IDENTITY="${JENKINS_AGENT_INSTANCE_IDENTITY:-}" -JENKINS_AGENT_WORKDIR="${JENKINS_AGENT_WORKDIR:-"${JENKINS_WORKDIR:-}"}" -JENKINS_AGENT_WORKDIR="${JENKINS_AGENT_WORKDIR:-"${AGENT_WORKDIR:-}"}" -export JENKINS_AGENT_WORKDIR="${JENKINS_AGENT_WORKDIR:-${JENKINS_AGENT_VOLUME_DIR}/home}" -JENKINS_AGENT_WEB_SOCKET="${JENKINS_AGENT_WEB_SOCKET:-"${JENKINS_WEB_SOCKET:-}"}" -export JENKINS_AGENT_WEB_SOCKET="${JENKINS_AGENT_WEB_SOCKET:-false}" -JENKINS_AGENT_SECRET="${JENKINS_AGENT_SECRET:-"${JENKINS_SECRET:-}"}" -export JENKINS_AGENT_SECRET="${JENKINS_AGENT_SECRET:-}" -JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME:-"${JENKINS_NAME:-}"}" -export JENKINS_AGENT_NAME="${JENKINS_AGENT_NAME:-}" - -# Java configuration -export JAVA_HOME="${JAVA_HOME:-${BITNAMI_ROOT_DIR}/java}" -export JAVA_OPTS="${JAVA_OPTS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/entrypoint.sh b/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/entrypoint.sh deleted file mode 100755 index e3d2130212de..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/entrypoint.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Jenkins Agent environment -. /opt/bitnami/scripts/jenkins-agent-env.sh - -print_welcome_page - -# If running as root, run the agent using the daemon user -# Otherwise, set nss_wrapper vars only when running as non-root -if am_i_root; then - ensure_user_exists "$JENKINS_AGENT_DAEMON_USER" --group "$JENKINS_AGENT_DAEMON_GROUP" --home "$JENKINS_AGENT_WORKDIR" --system -else - export LNAME="jenkins" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if ! user_exists "$(id -u)" && [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - echo "jenkins:x:$(id -u):$(id -g):Jenkins:${JENKINS_AGENT_WORKDIR}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "jenkins:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - export HOME="$JENKINS_AGENT_WORKDIR" - fi -fi - -declare -a args -if [[ -n "${JAVA_OPTS:-}" ]]; then - read -r -a java_opts <<< "$JAVA_OPTS" - args+=("${java_opts[@]}") -fi - -args+=( - "-cp" "${JENKINS_AGENT_BASE_DIR}/agent.jar" - "hudson.remoting.jnlp.Main" -) - -[[ -n "$JENKINS_AGENT_TUNNEL" ]] && args+=("-tunnel" "$JENKINS_AGENT_TUNNEL") #JENKINS_TUNNEL -[[ -n "$JENKINS_AGENT_URL" ]] && args+=("-url" "$JENKINS_AGENT_URL") -[[ -n "$JENKINS_AGENT_PROTOCOLS" ]] && args+=("-protocols" "$JENKINS_AGENT_PROTOCOLS") -[[ -n "$JENKINS_AGENT_DIRECT_CONNECTION" ]] && args+=("-direct" "$JENKINS_AGENT_DIRECT_CONNECTION") -[[ -n "$JENKINS_AGENT_INSTANCE_IDENTITY" ]] && args+=("-instanceIdentity" "$JENKINS_INSTANCE_IDENTITY") -[[ -n "$JENKINS_AGENT_SECRET" ]] && args+=("$JENKINS_SECRET") -[[ -n "$JENKINS_AGENT_NAME" ]] && args+=("$JENKINS_AGENT_NAME") -[[ -n "$JENKINS_AGENT_WORKDIR" ]] && args+=("-workDir" "$JENKINS_AGENT_WORKDIR") -is_boolean_yes "$JENKINS_AGENT_WEB_SOCKET" && args+=("-webSocket") - -args+=("$@") - -info "** Starting Jenkins Agent" -if am_i_root; then - exec_as_user "$JENKINS_AGENT_DAEMON_USER" java "${args[@]}" -else - exec java "${args[@]}" -fi diff --git a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/postunpack.sh b/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/postunpack.sh deleted file mode 100755 index 66432944b5bd..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/rootfs/opt/bitnami/scripts/jenkins-agent/postunpack.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Jenkins Agent environment -. /opt/bitnami/scripts/jenkins-agent-env.sh - -# Ensure required directories exist -chmod g+rwX "$JENKINS_AGENT_BASE_DIR" -for dir in "$JENKINS_AGENT_WORKDIR" "$JENKINS_AGENT_TMP_DIR" "$JENKINS_AGENT_LOGS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -done diff --git a/bitnami/jenkins-agent/0/debian-11/tags-info.yaml b/bitnami/jenkins-agent/0/debian-11/tags-info.yaml deleted file mode 100644 index d61608b26dc2..000000000000 --- a/bitnami/jenkins-agent/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.3206.0 -- latest diff --git a/bitnami/jenkins/2/debian-11/Dockerfile b/bitnami/jenkins/2/debian-11/Dockerfile deleted file mode 100644 index 783bfe29618d..000000000000 --- a/bitnami/jenkins/2/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:19:54Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.426.3-debian-11-r24" \ - org.opencontainers.image.title="jenkins" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.426.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl fontconfig git jq libfontconfig1 openssh-client procps unzip zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "jenkins-2.426.3-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/jenkins/postunpack.sh -ENV APP_VERSION="2.426.3" \ - BITNAMI_APP_NAME="jenkins" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:$PATH" - -EXPOSE 8080 8443 50000 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/jenkins/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/jenkins/run.sh" ] diff --git a/bitnami/jenkins/2/debian-11/docker-compose.yml b/bitnami/jenkins/2/debian-11/docker-compose.yml deleted file mode 100644 index 4a03e43329e5..000000000000 --- a/bitnami/jenkins/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - jenkins: - image: docker.io/bitnami/jenkins:2 - ports: - - '80:8080' - environment: - - JENKINS_PASSWORD=bitnami - volumes: - - 'jenkins_data:/bitnami/jenkins' - -volumes: - jenkins_data: - driver: local diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 8d8f0e7e5a76..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "jenkins": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.426.3-5" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - } -} \ No newline at end of file diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jenkins/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_group b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_group deleted file mode 100644 index 11562584abbc..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_group +++ /dev/null @@ -1 +0,0 @@ -jenkins:x:0: diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_passwd b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_passwd deleted file mode 100644 index 519bb1eb0f18..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/jenkins/nss-wrapper/nss_passwd +++ /dev/null @@ -1 +0,0 @@ -jenkins:x:1001:0:Jenkins:/opt/bitnami/jenkins/jenkins_home:/bin/false diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins-env.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins-env.sh deleted file mode 100644 index a52791e17a5c..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins-env.sh +++ /dev/null @@ -1,126 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for jenkins - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-jenkins}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -jenkins_env_vars=( - JENKINS_HOME - JENKINS_PLUGINS - JENKINS_PLUGINS_LATEST - JENKINS_PLUGINS_LATEST_SPECIFIED - JENKINS_SKIP_IMAGE_PLUGINS - JENKINS_OVERRIDE_PLUGINS - JENKINS_OVERRIDE_PATHS - JENKINS_HTTP_LISTEN_ADDRESS - JENKINS_HTTPS_LISTEN_ADDRESS - JENKINS_HTTP_PORT_NUMBER - JENKINS_HTTPS_PORT_NUMBER - JENKINS_JNLP_PORT_NUMBER - JENKINS_EXTERNAL_HTTP_PORT_NUMBER - JENKINS_EXTERNAL_HTTPS_PORT_NUMBER - JENKINS_HOST - JENKINS_FORCE_HTTPS - JENKINS_SKIP_BOOTSTRAP - JENKINS_ENABLE_SWARM - JENKINS_CERTS_DIR - JENKINS_KEYSTORE_PASSWORD - JENKINS_OPTS - JENKINS_USERNAME - JENKINS_PASSWORD - JENKINS_EMAIL - JENKINS_SWARM_USERNAME - JENKINS_SWARM_PASSWORD - JAVA_HOME - JAVA_OPTS - DISABLE_JENKINS_INITIALIZATION -) -for env_var in "${jenkins_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset jenkins_env_vars - -# Paths -export JENKINS_BASE_DIR="${BITNAMI_ROOT_DIR}/jenkins" -export JENKINS_LOGS_DIR="${JENKINS_BASE_DIR}/logs" -export JENKINS_LOG_FILE="${JENKINS_LOGS_DIR}/jenkins.log" -export JENKINS_TMP_DIR="${JENKINS_BASE_DIR}/tmp" -export JENKINS_PID_FILE="${JENKINS_TMP_DIR}/jenkins.pid" -export JENKINS_TEMPLATES_DIR="${BITNAMI_ROOT_DIR}/scripts/jenkins/bitnami-templates" - -# Jenkins persistence configuration -export JENKINS_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/jenkins" -export JENKINS_HOME="${JENKINS_HOME:-${JENKINS_VOLUME_DIR}/home}" -export JENKINS_MOUNTED_CONTENT_DIR="/usr/share/jenkins/ref" -export JENKINS_PLUGINS="${JENKINS_PLUGINS:-}" -export JENKINS_PLUGINS_LATEST="${JENKINS_PLUGINS_LATEST:-true}" -export JENKINS_PLUGINS_LATEST_SPECIFIED="${JENKINS_PLUGINS_LATEST_SPECIFIED:-false}" -export JENKINS_SKIP_IMAGE_PLUGINS="${JENKINS_SKIP_IMAGE_PLUGINS:-false}" -export JENKINS_OVERRIDE_PLUGINS="${JENKINS_OVERRIDE_PLUGINS:-false}" -export JENKINS_OVERRIDE_PATHS="${JENKINS_OVERRIDE_PATHS:-}" - -# System users (when running with a privileged user) -export JENKINS_DAEMON_USER="jenkins" -export JENKINS_DAEMON_GROUP="jenkins" - -# Jenkins configuration -export JENKINS_DEFAULT_HTTP_LISTEN_ADDRESS="0.0.0.0" # only used at build time -export JENKINS_DEFAULT_HTTPS_LISTEN_ADDRESS="0.0.0.0" # only used at build time -export JENKINS_DEFAULT_HTTP_PORT_NUMBER="8080" # only used at build time -export JENKINS_DEFAULT_HTTPS_PORT_NUMBER="8443" # only used at build time -export JENKINS_DEFAULT_JNLP_PORT_NUMBER="50000" # only used at build time -export JENKINS_HTTP_LISTEN_ADDRESS="${JENKINS_HTTP_LISTEN_ADDRESS:-}" -export JENKINS_HTTPS_LISTEN_ADDRESS="${JENKINS_HTTPS_LISTEN_ADDRESS:-}" -export JENKINS_HTTP_PORT_NUMBER="${JENKINS_HTTP_PORT_NUMBER:-}" -export JENKINS_HTTPS_PORT_NUMBER="${JENKINS_HTTPS_PORT_NUMBER:-}" -export JENKINS_JNLP_PORT_NUMBER="${JENKINS_JNLP_PORT_NUMBER:-}" -export JENKINS_EXTERNAL_HTTP_PORT_NUMBER="${JENKINS_EXTERNAL_HTTP_PORT_NUMBER:-80}" -export JENKINS_EXTERNAL_HTTPS_PORT_NUMBER="${JENKINS_EXTERNAL_HTTPS_PORT_NUMBER:-443}" -export JENKINS_HOST="${JENKINS_HOST:-}" -export JENKINS_FORCE_HTTPS="${JENKINS_FORCE_HTTPS:-no}" -JENKINS_SKIP_BOOTSTRAP="${JENKINS_SKIP_BOOTSTRAP:-"${DISABLE_JENKINS_INITIALIZATION:-}"}" -export JENKINS_SKIP_BOOTSTRAP="${JENKINS_SKIP_BOOTSTRAP:-no}" # only used during the first initialization -export JENKINS_ENABLE_SWARM="${JENKINS_ENABLE_SWARM:-no}" -export JENKINS_CERTS_DIR="${JENKINS_CERTS_DIR:-${JENKINS_HOME}}" -export JENKINS_KEYSTORE_PASSWORD="${JENKINS_KEYSTORE_PASSWORD:-bitnami}" -export JENKINS_OPTS="${JENKINS_OPTS:-}" - -# Jenkins credentials -export JENKINS_USERNAME="${JENKINS_USERNAME:-user}" # only used during the first initialization -export JENKINS_PASSWORD="${JENKINS_PASSWORD:-bitnami}" # only used during the first initialization -export JENKINS_EMAIL="${JENKINS_EMAIL:-user@example.com}" # only used during the first initialization -export JENKINS_SWARM_USERNAME="${JENKINS_SWARM_USERNAME:-swarm}" # only used during the first initialization -export JENKINS_SWARM_PASSWORD="${JENKINS_SWARM_PASSWORD:-}" # only used during the first initialization - -# Java configuration -export JAVA_HOME="${JAVA_HOME:-${BITNAMI_ROOT_DIR}/java}" -export JAVA_OPTS="${JAVA_OPTS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/configure-host.groovy.tpl b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/configure-host.groovy.tpl deleted file mode 100644 index 6792ca3bf61e..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/configure-host.groovy.tpl +++ /dev/null @@ -1,3 +0,0 @@ -location = jenkins.model.JenkinsLocationConfiguration.get() -location.setUrl("{{url}}") -location.save() diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins-swarm.groovy.tpl b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins-swarm.groovy.tpl deleted file mode 100644 index 20c06d0f06ab..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins-swarm.groovy.tpl +++ /dev/null @@ -1,166 +0,0 @@ -// Inspired by https://github.com/jenkinsci/jenkins/blob/e1beed03962bbc3777a49a041109b8752d98d2ed/core/src/main/java/jenkins/install/SetupWizard.java - -import jenkins.security.s2m.AdminWhitelistRule; -import hudson.security.csrf.DefaultCrumbIssuer; -import jenkins.security.QueueItemAuthenticatorConfiguration; -import org.jenkinsci.plugins.authorizeproject.*; -import org.jenkinsci.plugins.authorizeproject.strategy.*; -import org.jenkinsci.plugins.matrixauth.*; -import jenkins.model.*; -import jenkins.install.*; -import hudson.security.*; -import hudson.model.*; - -// Set Hudson Security -def jenkins = Jenkins.getInstance() -def securityRealm = new HudsonPrivateSecurityRealm(false, false, null) -jenkins.setSecurityRealm(securityRealm) - -// Create new admin account -println " [bitnami/groovy-init-jenkins-with-slaves] Creating Jenkins users" -def adminUsername = '{{JENKINS_USERNAME}}' -def adminPassword = '{{JENKINS_PASSWORD}}' -securityRealm.createAccount(adminUsername, adminPassword) -println " [bitnami/groovy-init-jenkins-with-slaves] Admin user created: {{JENKINS_USERNAME}}:*******" -if (adminUsername != 'admin') { - // Delete the existing by default admin account - User u = User.get('admin') - u.delete() -} -// Create slave account -def slaveUsername = '{{JENKINS_SWARM_USERNAME}}' -def slavePassword = '{{JENKINS_SWARM_PASSWORD}}' -securityRealm.createAccount(slaveUsername, slavePassword) -println " [bitnami/groovy-init-jenkins-with-slaves] Slave user created: {{JENKINS_SWARM_USERNAME}}:*******" -// Create system account. Same password than admin account -def systemUsername = 'system_user' -def systemPassword = '{{JENKINS_PASSWORD}}' -securityRealm.createAccount(systemUsername, systemPassword) -println " [bitnami/groovy-init-jenkins-with-slaves] System user created: system_user:*******" - -// Set Authorization strategy -// Roles based on https://wiki.jenkins-ci.org/display/JENKINS/Matrix-based+security -println " [bitnami/groovy-init-jenkins-with-slaves] Setting Authorization Strategy" -def strategy = new GlobalMatrixAuthorizationStrategy() -// Setting Slave Permissions -// Slave Permissions -strategy.add(hudson.model.Computer.BUILD, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -strategy.add(hudson.model.Computer.CONFIGURE, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -strategy.add(hudson.model.Computer.CONNECT, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -strategy.add(hudson.model.Computer.CREATE, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -strategy.add(hudson.model.Computer.DELETE, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -strategy.add(hudson.model.Computer.DISCONNECT, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -// Overall Permissions -strategy.add(hudson.model.Hudson.READ, new PermissionEntry(AuthorizationType.USER, slaveUsername)) -// Setting System Permissions -// System Permissions -strategy.add(hudson.model.Computer.BUILD, new PermissionEntry(AuthorizationType.USER, systemUsername)) -strategy.add(hudson.model.Computer.CONFIGURE, new PermissionEntry(AuthorizationType.USER, systemUsername)) -strategy.add(hudson.model.Computer.CONNECT, new PermissionEntry(AuthorizationType.USER, systemUsername)) -strategy.add(hudson.model.Computer.CREATE, new PermissionEntry(AuthorizationType.USER, systemUsername)) -strategy.add(hudson.model.Computer.DELETE, new PermissionEntry(AuthorizationType.USER, systemUsername)) -strategy.add(hudson.model.Computer.DISCONNECT, new PermissionEntry(AuthorizationType.USER, systemUsername)) -// Overall Permissions -strategy.add(hudson.model.Hudson.READ, new PermissionEntry(AuthorizationType.USER, systemUsername)) -// Setting Admin Permissions -// Admin Permissions -strategy.add(hudson.model.Computer.BUILD, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Computer.CONFIGURE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Computer.CONNECT, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Computer.CREATE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Computer.DELETE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Computer.DISCONNECT, new PermissionEntry(AuthorizationType.USER, adminUsername)) -// Overall Permissions -strategy.add(hudson.model.Hudson.ADMINISTER, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.PluginManager.CONFIGURE_UPDATECENTER, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Hudson.READ, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Hudson.RUN_SCRIPTS, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.PluginManager.UPLOAD_PLUGINS, new PermissionEntry(AuthorizationType.USER, adminUsername)) -// Job Permissions -strategy.add(hudson.model.Item.BUILD, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.CANCEL, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.CONFIGURE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.CREATE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.DELETE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.DISCOVER, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.READ, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Item.WORKSPACE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -// Run Permissions -strategy.add(hudson.model.Run.DELETE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.Run.UPDATE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -// View Permissions -strategy.add(hudson.model.View.CONFIGURE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.View.CREATE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.View.DELETE, new PermissionEntry(AuthorizationType.USER, adminUsername)) -strategy.add(hudson.model.View.READ, new PermissionEntry(AuthorizationType.USER, adminUsername)) -jenkins.setAuthorizationStrategy(strategy); -println " [bitnami/groovy-init-jenkins-with-slaves] Authorization Strategy set" - -// Configure Authorize Project Plugin -// Proper rules are needed to increase the security settings of the jobs and to avoid warning messages -println " [bitnami/groovy-init-jenkins-with-slaves] Configuring 'Authorize Project' plugin" -def configureGlobalAuthenticator = true -def configureProjectAuthenticator = true -def authenticators = QueueItemAuthenticatorConfiguration.get().getAuthenticators() -for (authenticator in authenticators) { - if (authenticator instanceof GlobalQueueItemAuthenticator) { - println " [bitnami/groovy-init-jenkins-with-slaves] Skipping global build authenticator, it exists" - configureGlobalAuthenticator = false - } else if (authenticator instanceof ProjectQueueItemAuthenticator) { - println " [bitnami/groovy-init-jenkins-with-slaves] Skipping per-project build authenticator, it exists" - configureProjectAuthenticator = false - } -} -if (configureGlobalAuthenticator) { - def globalStrategy = new SpecificUsersAuthorizationStrategy(systemUsername) - def globalStrategyName = globalStrategy.getDescriptor().getDisplayName() - println " [bitnami/groovy-init-jenkins-with-slaves] Configuring global build authenticator with '${globalStrategyName}' strategy" - authenticators.add(new GlobalQueueItemAuthenticator(globalStrategy)) -} -if (configureProjectAuthenticator) { - def anonymousAuthorizationStrategyDescriptor = jenkins.getDescriptor(AnonymousAuthorizationStrategy.class) - def triggeringUsersAuthorizationStrategyDescriptor = jenkins.getDescriptor(TriggeringUsersAuthorizationStrategy.class) - def specificUsersAuthorizationStrategyDescriptor = jenkins.getDescriptor(SpecificUsersAuthorizationStrategy.class) - def systemAuthorizationStrategyDescriptor = jenkins.getDescriptor(SystemAuthorizationStrategy.class) - def projectStrategy = [ - (anonymousAuthorizationStrategyDescriptor.getId()): true, - (triggeringUsersAuthorizationStrategyDescriptor.getId()): true, - (specificUsersAuthorizationStrategyDescriptor.getId()): true, - (systemAuthorizationStrategyDescriptor.getId()): false - ] - println " [bitnami/groovy-init-jenkins-with-slaves] Configuring per-project build authenticator" - println " [bitnami/groovy-init-jenkins-with-slaves] Allowing '${anonymousAuthorizationStrategyDescriptor.getDisplayName()}' strategy" - println " [bitnami/groovy-init-jenkins-with-slaves] Allowing '${triggeringUsersAuthorizationStrategyDescriptor.getDisplayName()}' strategy" - println " [bitnami/groovy-init-jenkins-with-slaves] Allowing '${specificUsersAuthorizationStrategyDescriptor.getDisplayName()}' strategy" - authenticators.add(new ProjectQueueItemAuthenticator(projectStrategy)) -} -println " [bitnami/groovy-init-jenkins-with-slaves] 'Authorize Project' plugin configuration finished" - -// Configure JNLP port -println " [bitnami/groovy-init-jenkins-with-slaves] Configuring JNLP port" -jenkins.setSlaveAgentPort({{jnlp_port}}) -println " [bitnami/groovy-init-jenkins-with-slaves] JNLP port is set to '{{jnlp_port}}'" - -// require a crumb issuer -println " [bitnami/groovy-init-jenkins] Enabling CSRF Protection" -jenkins.setCrumbIssuer(new DefaultCrumbIssuer(true)); -println " [bitnami/groovy-init-jenkins] CSRF Protection enabled" - -// Set master-slave security -println " [bitnami/groovy-init-jenkins] Setting master-slave security" -jenkins.getInjector().getInstance(AdminWhitelistRule.class).setMasterKillSwitch(false); -println " [bitnami/groovy-init-jenkins] master-slave set" - -// Set master executors -println " [bitnami/groovy-init-jenkins] Setting master executors to 0" -jenkins.setNumExecutors(0); -println " [bitnami/groovy-init-jenkins] master executors set" - -jenkins.save() - -// Complete wizard -println " [bitnami/groovy-init-jenkins-with-slaves] Passing wizard" -def wizard = new SetupWizard() -wizard.init(true) -wizard.completeSetup() -println " [bitnami/groovy-init-jenkins-with-slaves] Wizard passed" diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins.groovy.tpl b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins.groovy.tpl deleted file mode 100644 index 3507419e0fa3..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/bitnami-templates/init-jenkins.groovy.tpl +++ /dev/null @@ -1,56 +0,0 @@ -// Inspired by https://github.com/jenkinsci/jenkins/blob/e1beed03962bbc3777a49a041109b8752d98d2ed/core/src/main/java/jenkins/install/SetupWizard.java - -import jenkins.security.s2m.AdminWhitelistRule; -import hudson.security.csrf.DefaultCrumbIssuer -import jenkins.model.*; -import jenkins.install.*; -import hudson.security.*; -import hudson.model.*; - -// Set Hudson Security -def jenkins = Jenkins.getInstance() -def securityRealm = new HudsonPrivateSecurityRealm(false, false, null) -jenkins.setSecurityRealm(securityRealm) - -// Create new admin account -println " [bitnami/groovy-init-jenkins] Creating admin user" -def adminUsername = '{{JENKINS_USERNAME}}' -def adminPassword = '{{JENKINS_PASSWORD}}' -securityRealm.createAccount(adminUsername, adminPassword) -println " [bitnami/groovy-init-jenkins] Admin user created: {{JENKINS_USERNAME}}:*******" -if (adminUsername != 'admin') { - // Delete the existing by default admin account - User u = User.get('admin') - u.delete() -} - -// Set Authorization strategy -println " [bitnami/groovy-init-jenkins] Setting Authorization Strategy" -def authStrategy = new FullControlOnceLoggedInAuthorizationStrategy(); -authStrategy.setAllowAnonymousRead(false); -jenkins.setAuthorizationStrategy(authStrategy); -println " [bitnami/groovy-init-jenkins] Authorization Strategy set" - -// Disable jnlp by default, but honor system properties -println " [bitnami/groovy-init-jenkins] Disabling JNLP" -jenkins.setSlaveAgentPort(-1); -println " [bitnami/groovy-init-jenkins] JNLP disabled" - -// require a crumb issuer -println " [bitnami/groovy-init-jenkins] Enabling CSRF Protection" -jenkins.setCrumbIssuer(new DefaultCrumbIssuer(true)); -println " [bitnami/groovy-init-jenkins] CSRF Protection enabled" - -// Set master-slave security -println " [bitnami/groovy-init-jenkins] Setting master-slave security" -jenkins.getInjector().getInstance(AdminWhitelistRule.class).setMasterKillSwitch(false); -println " [bitnami/groovy-init-jenkins] master-slave security set" - -jenkins.save() - -// Complete wizard -println " [bitnami/groovy-init-jenkins] Passing wizard" -def wizard = new SetupWizard() -wizard.init(true) -wizard.completeSetup() -println " [bitnami/groovy-init-jenkins] Wizard passed" diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/entrypoint.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/entrypoint.sh deleted file mode 100755 index 3d830a07bd25..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/entrypoint.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Jenkins environment -. /opt/bitnami/scripts/jenkins-env.sh - -print_welcome_page - -# Set nss_wrapper vars only when running as non-root -# Configure libnss_wrapper based on the UID/GID used to run the container -# This container supports arbitrary UIDs, therefore we have do it dynamically -if ! am_i_root; then - export LNAME="jenkins" - export LD_PRELOAD="/opt/bitnami/common/lib/libnss_wrapper.so" - if ! user_exists "$(id -u)" && [[ -f "$LD_PRELOAD" ]]; then - info "Configuring libnss_wrapper" - NSS_WRAPPER_PASSWD="$(mktemp)" - export NSS_WRAPPER_PASSWD - NSS_WRAPPER_GROUP="$(mktemp)" - export NSS_WRAPPER_GROUP - echo "jenkins:x:$(id -u):$(id -g):Jenkins:${JENKINS_HOME}:/bin/false" >"$NSS_WRAPPER_PASSWD" - echo "jenkins:x:$(id -g):" >"$NSS_WRAPPER_GROUP" - chmod 400 "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" - export HOME="$JENKINS_HOME" - fi -fi - -if [[ "$1" = "/opt/bitnami/scripts/jenkins/run.sh" ]]; then - info "** Starting Jenkins setup **" - /opt/bitnami/scripts/jenkins/setup.sh - info "** Jenkins setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/postunpack.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/postunpack.sh deleted file mode 100755 index 70ac5cc2762b..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/postunpack.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libjenkins.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Jenkins environment -. /opt/bitnami/scripts/jenkins-env.sh - -# Ensure required directories exist -chmod g+rwX "$JENKINS_BASE_DIR" -for dir in "$JENKINS_VOLUME_DIR" "$JENKINS_HOME" "${JENKINS_BASE_DIR}/plugins" "$JENKINS_TMP_DIR" "$JENKINS_LOGS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -done diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/run.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/run.sh deleted file mode 100755 index 2bf9fd9f36a1..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/run.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libjenkins.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Jenkins environment -. /opt/bitnami/scripts/jenkins-env.sh - -declare -a args -if [[ -n "${JAVA_OPTS:-}" ]]; then - read -r -a java_opts <<<"$JAVA_OPTS" - args+=("${java_opts[@]}") -fi - -args+=("-Duser.home=${JENKINS_HOME}" "-jar" "${JENKINS_BASE_DIR}/jenkins.war") -if is_boolean_yes "$JENKINS_FORCE_HTTPS"; then - args+=( - "--httpPort=-1" - "--httpsPort=${JENKINS_HTTPS_PORT_NUMBER:-"$JENKINS_DEFAULT_HTTPS_PORT_NUMBER"}" - "--httpsListenAddress=${JENKINS_HTTPS_LISTEN_ADDRESS:-"$JENKINS_DEFAULT_HTTPS_LISTEN_ADDRESS"}" - "--httpsKeyStore=${JENKINS_CERTS_DIR}/jenkins.jks" - "--httpsKeyStorePassword=${JENKINS_KEYSTORE_PASSWORD}" - ) -else - args+=( - "--httpPort=${JENKINS_HTTP_PORT_NUMBER:-"$JENKINS_DEFAULT_HTTP_PORT_NUMBER"}" - "--httpListenAddress=${JENKINS_HTTP_LISTEN_ADDRESS:-"$JENKINS_DEFAULT_HTTP_LISTEN_ADDRESS"}" - "--httpsPort=${JENKINS_HTTPS_PORT_NUMBER:-"$JENKINS_DEFAULT_HTTPS_PORT_NUMBER"}" - "--httpsListenAddress=${JENKINS_HTTPS_LISTEN_ADDRESS:-"$JENKINS_DEFAULT_HTTPS_LISTEN_ADDRESS"}" - "--httpsKeyStore=${JENKINS_CERTS_DIR}/jenkins.jks" - "--httpsKeyStorePassword=${JENKINS_KEYSTORE_PASSWORD}" - ) -fi -if [[ -n "${JENKINS_OPTS:-}" ]]; then - read -r -a jenkins_opts <<<"$JENKINS_OPTS" - args+=("${jenkins_opts[@]}") -fi -args+=("$@") - -info "** Starting Jenkins **" -if am_i_root; then - exec_as_user "$JENKINS_DAEMON_USER" java "${args[@]}" -else - exec java "${args[@]}" -fi diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/setup.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/setup.sh deleted file mode 100755 index 6f57a009605c..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/jenkins/setup.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libjenkins.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Jenkins environment -. /opt/bitnami/scripts/jenkins-env.sh - -# Ensure Jenkins environment variables are valid -jenkins_validate - -if am_i_root; then - info "Creating Jenkins daemon user" - ensure_user_exists "$JENKINS_DAEMON_USER" --group "$JENKINS_DAEMON_GROUP" --home "$JENKINS_HOME" --system -fi - -# Ensure Jenkins is initialized -jenkins_initialize - -# Allow running custom initialization scripts -jenkins_custom_init_scripts diff --git a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/libjenkins.sh b/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/libjenkins.sh deleted file mode 100644 index e3c180eb6d60..000000000000 --- a/bitnami/jenkins/2/debian-11/rootfs/opt/bitnami/scripts/libjenkins.sh +++ /dev/null @@ -1,485 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Jenkins library - -# shellcheck disable=SC1091 -# shellcheck disable=SC1090 - -# Load generic libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh - -######################## -# Check if Jenkins is running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_jenkins_running() { - local pid - pgrep -f "^java.*-jar ${JENKINS_BASE_DIR}/jenkins.war" >"$JENKINS_PID_FILE" - pid="$(get_pid_from_file "$JENKINS_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Jenkins is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_jenkins_not_running() { - ! is_jenkins_running -} - -######################## -# Stop Jenkins -# Arguments: -# None -# Returns: -# None -######################### -jenkins_stop() { - is_jenkins_not_running && return - info "Stopping Jenkins" - stop_service_using_pid "$JENKINS_PID_FILE" 15 -} - -######################## -# Start Jenkins in background -# Arguments: -# None -# Returns: -# None -######################### -jenkins_start_bg() { - local -a args - if [[ -n "${JAVA_OPTS:-}" ]]; then - read -r -a java_opts <<<"$JAVA_OPTS" - args+=("${java_opts[@]}") - fi - args+=("-Duser.home=${JENKINS_HOME}" "-jar" "${JENKINS_BASE_DIR}/jenkins.war" "--httpListenAddress=127.0.0.1") - - is_jenkins_running && return - info "Starting Jenkins in background" - if am_i_root; then - touch "$JENKINS_LOG_FILE" - configure_permissions_ownership "$JENKINS_LOG_FILE" -u "$JENKINS_DAEMON_USER" -g "$JENKINS_DAEMON_GROUP" - run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}" >>"$JENKINS_LOG_FILE" 2>&1 & - else - java "${args[@]}" >>"$JENKINS_LOG_FILE" 2>&1 & - fi - wait_for_log_entry "Jenkins is fully up and running" "$JENKINS_LOG_FILE" 36 10 -} - -######################## -# Invoke the Jenkins bundled client -# Globals: -# JENKINS_* -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -jenkins_cli_execute() { - local -r cli_jar="$(find "${JENKINS_HOME}/war/WEB-INF/lib" -name "cli-*.jar")" - local -r http_port="${JENKINS_HTTP_PORT_NUMBER:-"$JENKINS_DEFAULT_HTTP_PORT_NUMBER"}" - local -r jenkins_url="http://127.0.0.1:${http_port}" - local -r args=("-jar" "${cli_jar}" "-s" "$jenkins_url" "-auth" "${JENKINS_USERNAME}:${JENKINS_PASSWORD}" "$@") - - debug "Executing command: java ${args[*]}" - if am_i_root; then - debug_execute run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}" - else - debug_execute java "${args[@]}" - fi -} - -######################## -# Validate settings in JENKINS_* env vars -# Globals: -# JENKINS_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -jenkins_validate() { - debug "Validating settings in JENKINS_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - var_i="${!i}" - var_j="${!j}" - if [[ -n "${!var_i:-}" ]] && [[ -n "${!var_j:-}" ]] && [[ "${!var_i:-}" -eq "${!var_j:-}" ]]; then - print_validation_error "${var_i} and ${var_j} are bound to the same port" - fi - done - done - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - check_yes_no_value "JENKINS_SKIP_BOOTSTRAP" - - # Validate ports - ! is_empty_value "$JENKINS_HTTP_PORT_NUMBER" && check_valid_port "JENKINS_HTTP_PORT_NUMBER" - ! is_empty_value "$JENKINS_HTTPS_PORT_NUMBER" && check_valid_port "JENKINS_HTTPS_PORT_NUMBER" - ! is_empty_value "$JENKINS_JNLP_PORT_NUMBER" && check_valid_port "JENKINS_JNLP_PORT_NUMBER" - check_conflicting_ports "JENKINS_HTTP_PORT_NUMBER" "JENKINS_HTTPS_PORT_NUMBER" "JENKINS_JNLP_PORT_NUMBER" - - # Validate host - check_yes_no_value "JENKINS_FORCE_HTTPS" - if ! is_empty_value "$JENKINS_HOST"; then - check_resolved_hostname "$JENKINS_HOST" - [[ "$JENKINS_HOST" =~ localhost ]] && print_validation_error "JENKINS_HOST must be set to an actual hostname, localhost values are not allowed." - validate_ipv4 "$JENKINS_HOST" && print_validation_error "JENKINS_HOST must be set to an actual hostname, IP addresses are not allowed." - fi - - # Validate credentials - check_empty_value "JENKINS_PASSWORD" - if [[ "${#JENKINS_PASSWORD}" -lt 6 ]]; then - print_validation_error "The admin password must be at least 6 characters long. Set the environment variable JENKINS_PASSWORD with a longer value" - fi - - # Validate swarm configuration - check_yes_no_value "JENKINS_ENABLE_SWARM" - is_boolean_yes "$JENKINS_ENABLE_SWARM" && check_empty_value "JENKINS_SWARM_PASSWORD" - - return "$error_code" -} - -######################## -# Ensure Jenkins is initialized -# Globals: -# JENKINS_* -# Arguments: -# None -# Returns: -# None -######################### -jenkins_initialize() { - local -r init_jenkins_groovy_tpl="${JENKINS_TEMPLATES_DIR}/init-jenkins$(is_boolean_yes "$JENKINS_ENABLE_SWARM" && echo "-swarm").groovy.tpl" - - if am_i_root; then - # Ensure Jenkins daemon user has proper permissions on Jenkins home directory - info "Configuring file permissions for Jenkins" - is_mounted_dir_empty "$JENKINS_HOME" && configure_permissions_ownership "$JENKINS_HOME" -d "755" -f "644" -u "$JENKINS_DAEMON_USER" -g "$JENKINS_DAEMON_GROUP" - fi - - if is_mounted_dir_empty "$JENKINS_HOME"; then - # Copy files from mounted directory, except for plugins - if ! is_mounted_dir_empty "$JENKINS_MOUNTED_CONTENT_DIR"; then - info "Moving custom mounted files to Jenkins home directory" - echo "--- Copying files at $(date)" >>"${JENKINS_LOGS_DIR}/copy_reference_file.log" - find "$JENKINS_MOUNTED_CONTENT_DIR" \( -type f -o -type l \) -and -not -path "$JENKINS_MOUNTED_CONTENT_DIR/plugins/*" | xargs -I % -P10 bash -c '. /opt/bitnami/scripts/libjenkins.sh && jenkins_add_custom_file %' - fi - # Install Jenkins plugins defined in JENKINS_PLUGINS - jenkins_install_plugins - # Initialize Jenkins - if ! is_boolean_yes "$JENKINS_SKIP_BOOTSTRAP"; then - # Create init groovy script and initialize Jenkins - info "Creating init script" - ensure_dir_exists "${JENKINS_HOME}/init.groovy.d" - jnlp_port="${JENKINS_JNLP_PORT_NUMBER:-"$JENKINS_DEFAULT_JNLP_PORT_NUMBER"}" render-template "$init_jenkins_groovy_tpl" >"${JENKINS_HOME}/init.groovy.d/init-jenkins.groovy" - jenkins_start_bg - # Configure host - ! is_empty_value "$JENKINS_HOST" && jenkins_configure_host "$JENKINS_HOST" - # Rotate the logs in Jenkins to clean the Jenkins warnings before actually configuring the app - jenkins_stop - # Generate jenkins.jks - "${JAVA_HOME}/bin/keytool" -genkey -keyalg RSA -keypass "${JENKINS_KEYSTORE_PASSWORD}" -storepass "${JENKINS_KEYSTORE_PASSWORD}" -keystore "${JENKINS_CERTS_DIR}/jenkins.jks" -dname "CN=${JENKINS_HOST}, O=${JENKINS_HOST}" -alias "${JENKINS_HOST}" - mv "$JENKINS_LOG_FILE" "${JENKINS_LOGS_DIR}/jenkins.firstboot.log" - rm "${JENKINS_HOME}/init.groovy.d/init-jenkins.groovy" - else - info "Skipping Bitnami initialization" - fi - else - info "Detected data from previous deployments" - jenkins_override_home_paths - # If JENKINS_OVERRIDE_PLUGINS is enabled, remove plugins from the volume if any and trigger new installation - if is_boolean_yes "$JENKINS_OVERRIDE_PLUGINS"; then - [[ -d "${JENKINS_HOME}/plugins" ]] && rm -rf "${JENKINS_HOME}/plugins" - jenkins_install_plugins - fi - fi - - true -} - -######################### -# Configure Jenkins host -# Globals: -# JENKINS_* -# Arguments: -# $1 - hostname -# Returns: -# None -######################### -jenkins_configure_host() { - local -r hostname="${1:?missing hostname}" - local -r local_port="${JENKINS_HTTP_PORT_NUMBER:-"$JENKINS_DEFAULT_HTTP_PORT_NUMBER"}" - local -r configure_host_groovy_tpl="${JENKINS_TEMPLATES_DIR}/configure-host.groovy.tpl" - local -r retries="30" - local -r interval_time="10" - local base_url - local scheme - - is_boolean_yes "$JENKINS_FORCE_HTTPS" && scheme="https" || scheme="http" - base_url="${scheme}://${hostname}" - if is_boolean_yes "$JENKINS_FORCE_HTTPS"; then - [[ "$JENKINS_EXTERNAL_HTTPS_PORT_NUMBER" != "443" ]] && base_url+=":${JENKINS_EXTERNAL_HTTPS_PORT_NUMBER}" - else - [[ "$JENKINS_EXTERNAL_HTTP_PORT_NUMBER" != "80" ]] && base_url+=":${JENKINS_EXTERNAL_HTTP_PORT_NUMBER}" - fi - info "Configuring Jenkins URL to ${base_url}" - - if ! retry_while "debug_execute curl -sSf http://127.0.0.1:${local_port}/login" "$retries" "$interval_time"; then - error "Jenkins is not accessible" - return 1 - else - configure_host_tmp=$(mktemp) - url="${base_url}" render-template "$configure_host_groovy_tpl" >"$configure_host_tmp" - jenkins_cli_execute "groovy" "=" <"$configure_host_tmp" - rm "$configure_host_tmp" - fi -} - -######################### -# Copy files from JENKINS_MOUNTED_CONTENT_DIR into JENKINS_HOME -# Based on https://github.com/jenkinsci/docker/blob/8e33e547a43d248bbb3cf403fe908dbf11d4ae45/jenkins-support -# Globals: -# JENKINS_* -# Arguments: -# $1 - filepath -# Returns: -# None -######################### -jenkins_add_custom_file() { - local -r filepath="${1:?filepath is required}" - local -r filename="$(basename "$filepath")" - local -r relpath="${filepath#"${JENKINS_MOUNTED_CONTENT_DIR}/"}" - local action - local reason - - get_plugin_version() { - local -r pluginpath="${1:?pluginpath is required}" - local version - # Use unzip -p, which is mean to extract files to pipe - # https://linux.die.net/man/1/unzip - version=$(unzip -p "$pluginpath" META-INF/MANIFEST.MF | grep "^Plugin-Version: " | sed -e 's#^Plugin-Version: ##') - version=${version%%[[:space:]]} - echo "$version" - } - - if [[ $relpath = plugins/*.jpi ]]; then - debug "Adding custom plugin ${filename}" - if [[ -f "${JENKINS_HOME}/${relpath}" ]]; then - debug "Plugin ${filename} already exists" - plugin_version=$(get_plugin_version "${JENKINS_HOME}/${relpath}") - current_version=$(get_plugin_version "$filepath") - if [[ "$(get_sematic_version "$plugin_version" 1)" -gt "$(get_sematic_version "$current_version" 1)" ]]; then - action="UPGRADED" - reason="Installed version ($current_version) is older than installed version ($plugin_version)" - cp -pr "$(realpath "${filepath}")" "${JENKINS_HOME}/${relpath}" - else - action="SKIPPED" - reason="Installed version ($current_version) is lower or equal than installed version ($plugin_version)" - fi - else - action="INSTALLED" - mkdir -p "${JENKINS_HOME}/$(dirname "$relpath")" - cp -pr "$(realpath "${filepath}")" "${JENKINS_HOME}/${relpath}" - fi - else - if [[ ! -f "${JENKINS_HOME}/${relpath}" ]]; then - action="INSTALLED" - mkdir -p "${JENKINS_HOME}/$(dirname "$relpath")" - cp -pr "$(realpath "${filepath}")" "${JENKINS_HOME}/${relpath}" - else - action="SKIPPED" - fi - fi - if [[ -z "$reason" ]]; then - echo "$action $relpath" >>"${JENKINS_LOGS_DIR}/copy_reference_file.log" - else - echo "$action $relpath : $reason" >>"${JENKINS_LOGS_DIR}/copy_reference_file.log" - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# JENKINS_* -# Arguments: -# None -# Returns: -# None -######################### -jenkins_custom_init_scripts() { - if [[ -n $(find /docker-entrypoint-initdb.d/ -type f -regex ".*\.\(sh\|groovy\)") ]] && [[ ! -f "${JENKINS_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from /docker-entrypoint-initdb.d" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *.groovy) - cp "$f" "${JENKINS_HOME}/init.groovy.d" - jenkins_start_bg - jenkins_stop - # Rotate the logs in Jenkins - mv "$JENKINS_LOG_FILE" "${JENKINS_LOGS_DIR}/jenkins.initscripts.log" - rm "${JENKINS_HOME}/init.groovy.d/$(basename "$f")" - ;; - *) - warn "Skipping $f, supported formats are: .sh .groovy" - ;; - esac - done - touch "${JENKINS_VOLUME_DIR}/.user_scripts_initialized" - fi -} - -######################## -# Installs/upgrades plugins defined -# Globals: -# JENKINS_* -# Arguments: -# None -# Returns: -# None -######################### -jenkins_install_plugins() { - read -r -a plugins_list <<<"$(tr ',;' ' ' <<<"$JENKINS_PLUGINS")" - local -r plugin_manager_jar="${JENKINS_BASE_DIR}/jenkins-plugin-manager.jar" - local -r jenkins_war="${JENKINS_BASE_DIR}/jenkins.war" - local -r plugins_dir="${JENKINS_HOME}/plugins" - local -r tmp_plugins_file="${JENKINS_TMP_DIR}/plugins.txt" - local -a args=("-jar" "${plugin_manager_jar}" "--war" "$jenkins_war" "--plugin-file" "$tmp_plugins_file" "-d" "$plugins_dir" "--verbose") - - info "Installing Jenkins plugins" - # Copy built-in plugins included in the image - if ! is_dir_empty "${JENKINS_BASE_DIR}/plugins" && ! is_boolean_yes "$JENKINS_SKIP_IMAGE_PLUGINS"; then - debug "Moving image plugins to $JENKINS_HOME" - ensure_dir_exists "${JENKINS_HOME}/plugins" - mv "${JENKINS_BASE_DIR}/plugins"/* "${JENKINS_HOME}/plugins" - am_i_root && configure_permissions_ownership "${JENKINS_HOME}/plugins" -d "755" -f "644" -u "$JENKINS_DAEMON_USER" -g "$JENKINS_DAEMON_GROUP" - else - debug "${JENKINS_BASE_DIR}/plugins is empty" - fi - - # Copy plugins from mounted directory - if ! is_mounted_dir_empty "$JENKINS_MOUNTED_CONTENT_DIR/plugins"; then - debug "Moving custom mounted plugins to Jenkins home directory" - echo "--- Copying files at $(date)" >>"${JENKINS_LOGS_DIR}/copy_reference_file.log" - find "$JENKINS_MOUNTED_CONTENT_DIR/plugins" \( -type f -o -type l \) | xargs -I % -P10 bash -c '. /opt/bitnami/scripts/libjenkins.sh && jenkins_add_custom_file %' - else - debug "${JENKINS_MOUNTED_CONTENT_DIR}/plugins is empty" - fi - - # Install plugins from JENKINS_PLUGINS environment variable - if [[ "${#plugins_list[@]}" -gt 0 ]]; then - # Additional parameters - args+=("--latest" "$(is_boolean_yes "$JENKINS_PLUGINS_LATEST" && echo "true" || echo "false")") - if is_boolean_yes "$JENKINS_PLUGINS_LATEST_SPECIFIED"; then - args+=("--latest-specified") - fi - # Install plugins - debug "Installing plugins: ${plugins_list[*]}" - for i in "${plugins_list[@]}"; do - echo "$i" >> "$tmp_plugins_file" - done - if am_i_root; then - debug_execute run_as_user "$JENKINS_DAEMON_USER" java "${args[@]}" - else - debug_execute java "${args[@]}" - fi - rm "$tmp_plugins_file" - fi -} - -######################## -# Remove directories and files from Jenkins home and/or copy them from the mounted content dir -# Globals: -# JENKINS_* -# Arguments: -# None -# Returns: -# None -######################### -jenkins_override_home_paths() { - read -r -a paths_list <<<"$(tr ',;' ' ' <<<"$JENKINS_OVERRIDE_PATHS")" - # Skip if JENKINS_OVERRIDE_PATHS is empty - [[ "${#paths_list[@]}" -gt 0 ]] || return 0 - - info "The following relative paths will be removed from Jenkins home directory: ${paths_list[*]}" - for path in "${paths_list[@]}"; do - # Ensure no leading slash - relpath=${path#/} - # Remove file from Jenkins home - if [[ -d "${JENKINS_HOME}/${relpath}" ]]; then - rm -rf "${JENKINS_HOME:?}/${relpath}" - elif [[ -f "${JENKINS_HOME}/${relpath}" ]]; then - rm "${JENKINS_HOME}/${relpath}" - fi - # Mount relative path from mounted content dir - if ! is_mounted_dir_empty "$JENKINS_MOUNTED_CONTENT_DIR/${relpath}"; then - debug "Copying mounted directory ${relpath} to Jenkins home directory" - find "$JENKINS_MOUNTED_CONTENT_DIR/${relpath}" \( -type f -o -type l \) | xargs -I % -P10 bash -c '. /opt/bitnami/scripts/libjenkins.sh && jenkins_add_custom_file %' - elif [[ -f "$JENKINS_MOUNTED_CONTENT_DIR/${relpath}" ]]; then - debug "Copying mounted file ${relpath} to Jenkins home directory" - jenkins_add_custom_file "$JENKINS_MOUNTED_CONTENT_DIR/${relpath}" - fi - done -} diff --git a/bitnami/jenkins/2/debian-11/tags-info.yaml b/bitnami/jenkins/2/debian-11/tags-info.yaml deleted file mode 100644 index 1dc24f60a374..000000000000 --- a/bitnami/jenkins/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.426.3 -- latest diff --git a/bitnami/jmx-exporter/0/debian-11/Dockerfile b/bitnami/jmx-exporter/0/debian-11/Dockerfile deleted file mode 100644 index e0465ca00c62..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:28:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.20.0-debian-11-r25" \ - org.opencontainers.image.title="jmx-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.20.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "jmx-exporter-0.20.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y ca-certificates curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN chown -R 1001:1001 /opt/bitnami/jmx-exporter - -ENV APP_VERSION="0.20.0" \ - BITNAMI_APP_NAME="jmx-exporter" \ - PATH="/opt/bitnami/java/bin:$PATH" - -EXPOSE 5556 - -WORKDIR /opt/bitnami/jmx-exporter -USER 1001 -ENTRYPOINT [ "java", "-jar", "jmx_prometheus_httpserver.jar" ] -CMD [ "5556", "example_configs/httpserver_sample_config.yml" ] diff --git a/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0a436a15c4da..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "jmx-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.20.0-3" - } -} \ No newline at end of file diff --git a/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jmx-exporter/0/debian-11/tags-info.yaml b/bitnami/jmx-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index 02b64ae8afbd..000000000000 --- a/bitnami/jmx-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.20.0 -- latest diff --git a/bitnami/joomla/5/debian-11/Dockerfile b/bitnami/joomla/5/debian-11/Dockerfile deleted file mode 100644 index 8e5cebd5a72d..000000000000 --- a/bitnami/joomla/5/debian-11/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:31:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.0.2-debian-11-r21" \ - org.opencontainers.image.title="joomla" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.0.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl libaudit1 libbrotli1 libbsd0 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre2-8-0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "php-8.1.27-5-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-6-linux-${OS_ARCH}-debian-11" \ - "mysql-client-11.2.3-0-linux-${OS_ARCH}-debian-11" \ - "libphp-8.1.27-2-linux-${OS_ARCH}-debian-11" \ - "joomla-5.0.2-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -RUN /opt/bitnami/scripts/apache-modphp/postunpack.sh -RUN /opt/bitnami/scripts/joomla/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="5.0.2" \ - BITNAMI_APP_NAME="joomla" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:$PATH" - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/joomla/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/apache/run.sh" ] diff --git a/bitnami/joomla/5/debian-11/docker-compose.yml b/bitnami/joomla/5/debian-11/docker-compose.yml deleted file mode 100644 index 8cc818c76707..000000000000 --- a/bitnami/joomla/5/debian-11/docker-compose.yml +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mariadb: - image: docker.io/bitnami/mariadb:11.2 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_joomla - - MARIADB_DATABASE=bitnami_joomla - volumes: - - 'mariadb_data:/bitnami/mariadb' - joomla: - image: docker.io/bitnami/joomla:5 - ports: - - '80:8080' - - '443:8443' - environment: - - JOOMLA_DATABASE_HOST=mariadb - - JOOMLA_DATABASE_PORT_NUMBER=3306 - - JOOMLA_DATABASE_USER=bn_joomla - - JOOMLA_DATABASE_NAME=bitnami_joomla - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'joomla_data:/bitnami/joomla' - depends_on: - - mariadb -volumes: - mariadb_data: - driver: local - joomla_data: - driver: local diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a9f5bfc31915..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-6" - }, - "joomla": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.0.2-1" - }, - "libphp": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.1.27-2" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.2.3-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.1.27-5" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - } -} \ No newline at end of file diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/joomla/5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla-env.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla-env.sh deleted file mode 100644 index 93c0efcd2ba9..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla-env.sh +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for joomla - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-joomla}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -joomla_env_vars=( - JOOMLA_DATA_TO_PERSIST - JOOMLA_LOAD_SAMPLE_DATA - JOOMLA_SKIP_BOOTSTRAP - JOOMLA_USERNAME - JOOMLA_PASSWORD - JOOMLA_EMAIL - JOOMLA_SITE_NAME - JOOMLA_SECRET - JOOMLA_SMTP_HOST - JOOMLA_SMTP_PORT_NUMBER - JOOMLA_SMTP_USER - JOOMLA_SMTP_PASSWORD - JOOMLA_SMTP_PROTOCOL - JOOMLA_SMTP_SENDER_EMAIL - JOOMLA_SMTP_SENDER_NAME - JOOMLA_DEFAULT_DATABASE_PORT_NUMBER - JOOMLA_DATABASE_HOST - JOOMLA_DATABASE_PORT_NUMBER - JOOMLA_DATABASE_NAME - JOOMLA_DATABASE_USER - JOOMLA_DATABASE_PASSWORD - SMTP_HOST - SMTP_PORT - JOOMLA_SMTP_PORT - SMTP_USER - SMTP_PASSWORD - SMTP_PROTOCOL - SMTP_SENDER_EMAIL - SMTP_SENDER_NAME -) -for env_var in "${joomla_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset joomla_env_vars - -# Paths -export JOOMLA_BASE_DIR="${BITNAMI_ROOT_DIR}/joomla" -export JOOMLA_TMP_DIR="${JOOMLA_BASE_DIR}/tmp" -export JOOMLA_LOGS_DIR="${JOOMLA_BASE_DIR}/logs" -export JOOMLA_CONF_FILE="${JOOMLA_BASE_DIR}/configuration.php" - -# Joomla! persistence configuration -export JOOMLA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/joomla" -export JOOMLA_DATA_TO_PERSIST="${JOOMLA_DATA_TO_PERSIST:-$JOOMLA_BASE_DIR}" - -# Joomla! configuration -export JOOMLA_LOAD_SAMPLE_DATA="${JOOMLA_LOAD_SAMPLE_DATA:-yes}" # only used during the first initialization -export JOOMLA_SKIP_BOOTSTRAP="${JOOMLA_SKIP_BOOTSTRAP:-}" # only used during the first initialization - -# Joomla! credentials -export JOOMLA_USERNAME="${JOOMLA_USERNAME:-user}" # only used during the first initialization -export JOOMLA_PASSWORD="${JOOMLA_PASSWORD:-bitnami}" # only used during the first initialization -export JOOMLA_EMAIL="${JOOMLA_EMAIL:-user@example.com}" # only used during the first initialization -export JOOMLA_DEFAULT_SITE_NAME="My site" # only used during the first initialization -export JOOMLA_SITE_NAME="${JOOMLA_SITE_NAME:-$JOOMLA_DEFAULT_SITE_NAME}" # only used during the first initialization -export JOOMLA_SECRET="${JOOMLA_SECRET:-}" # only used during the first initialization - -# Joomla! SMTP credentials -JOOMLA_SMTP_HOST="${JOOMLA_SMTP_HOST:-"${SMTP_HOST:-}"}" -export JOOMLA_SMTP_HOST="${JOOMLA_SMTP_HOST:-}" # only used during the first initialization -JOOMLA_SMTP_PORT_NUMBER="${JOOMLA_SMTP_PORT_NUMBER:-"${SMTP_PORT:-}"}" -JOOMLA_SMTP_PORT_NUMBER="${JOOMLA_SMTP_PORT_NUMBER:-"${JOOMLA_SMTP_PORT:-}"}" -export JOOMLA_SMTP_PORT_NUMBER="${JOOMLA_SMTP_PORT_NUMBER:-}" # only used during the first initialization -JOOMLA_SMTP_USER="${JOOMLA_SMTP_USER:-"${SMTP_USER:-}"}" -export JOOMLA_SMTP_USER="${JOOMLA_SMTP_USER:-}" # only used during the first initialization -JOOMLA_SMTP_PASSWORD="${JOOMLA_SMTP_PASSWORD:-"${SMTP_PASSWORD:-}"}" -export JOOMLA_SMTP_PASSWORD="${JOOMLA_SMTP_PASSWORD:-}" # only used during the first initialization -JOOMLA_SMTP_PROTOCOL="${JOOMLA_SMTP_PROTOCOL:-"${SMTP_PROTOCOL:-}"}" -export JOOMLA_SMTP_PROTOCOL="${JOOMLA_SMTP_PROTOCOL:-}" # only used during the first initialization -JOOMLA_SMTP_SENDER_EMAIL="${JOOMLA_SMTP_SENDER_EMAIL:-"${SMTP_SENDER_EMAIL:-}"}" -export JOOMLA_SMTP_SENDER_EMAIL="${JOOMLA_SMTP_SENDER_EMAIL:-}" # only used during the first initialization -JOOMLA_SMTP_SENDER_NAME="${JOOMLA_SMTP_SENDER_NAME:-"${SMTP_SENDER_NAME:-}"}" -export JOOMLA_SMTP_SENDER_NAME="${JOOMLA_SMTP_SENDER_NAME:-}" # only used during the first initialization - -# Database configuration -export JOOMLA_DEFAULT_DATABASE_HOST="mariadb" # only used at build time -export JOOMLA_DEFAULT_DATABASE_PORT_NUMBER="${JOOMLA_DEFAULT_DATABASE_PORT_NUMBER:-3306}" # only used during the first initialization -export JOOMLA_DATABASE_HOST="${JOOMLA_DATABASE_HOST:-$JOOMLA_DEFAULT_DATABASE_HOST}" # only used during the first initialization -export JOOMLA_DATABASE_PORT_NUMBER="${JOOMLA_DATABASE_PORT_NUMBER:-$JOOMLA_DEFAULT_DATABASE_PORT_NUMBER}" # only used during the first initialization -export JOOMLA_DATABASE_NAME="${JOOMLA_DATABASE_NAME:-bitnami_joomla}" # only used during the first initialization -export JOOMLA_DATABASE_USER="${JOOMLA_DATABASE_USER:-bn_joomla}" # only used during the first initialization -export JOOMLA_DATABASE_PASSWORD="${JOOMLA_DATABASE_PASSWORD:-}" # only used during the first initialization - -# PHP configuration -export PHP_DEFAULT_MEMORY_LIMIT="256M" # only used at build time - -# Custom environment variables may be defined below diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/entrypoint.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/entrypoint.sh deleted file mode 100755 index fbc463a3d0d9..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/entrypoint.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Joomla! environment -. /opt/bitnami/scripts/joomla-env.sh - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libwebserver.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/$(web_server_type)/run.sh" || "$1" = "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then - info "** Starting Joomla! setup **" - /opt/bitnami/scripts/"$(web_server_type)"/setup.sh - /opt/bitnami/scripts/php/setup.sh - /opt/bitnami/scripts/mysql-client/setup.sh - /opt/bitnami/scripts/joomla/setup.sh - /post-init.sh - info "** Joomla! setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/postunpack.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/postunpack.sh deleted file mode 100755 index 0e8b256faaed..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/postunpack.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Joomla! environment -. /opt/bitnami/scripts/joomla-env.sh - -# Load PHP environment for 'php_conf_set' (after 'joomla-env.sh' so that MODULE is not set to a wrong value) -. /opt/bitnami/scripts/php-env.sh - -# Load libraries -. /opt/bitnami/scripts/libjoomla.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Joomla! environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Enable Joomla! configuration file -[[ ! -f "$JOOMLA_CONF_FILE" ]] && cp "${JOOMLA_BASE_DIR}/installation/configuration.php-dist" "$JOOMLA_CONF_FILE" - -# Ensure the Joomla! base directory exists and has proper permissions -info "Configuring file permissions for Joomla!" -ensure_user_exists "$WEB_SERVER_DAEMON_USER" --group "$WEB_SERVER_DAEMON_GROUP" -for dir in "$JOOMLA_BASE_DIR" "$JOOMLA_VOLUME_DIR" "$JOOMLA_TMP_DIR" "$JOOMLA_LOGS_DIR"; do - ensure_dir_exists "$dir" - # Use daemon:root ownership for compatibility when running as a non-root user - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" -done - -# Configure Joomla! based on build-time defaults -joomla_conf_set "\$sitename" "$JOOMLA_DEFAULT_SITE_NAME" -joomla_conf_set "\$fromname" "$JOOMLA_DEFAULT_SITE_NAME" -joomla_conf_set "\$log_path" "$JOOMLA_LOGS_DIR" -joomla_conf_set "\$tmp_path" "$JOOMLA_TMP_DIR" -joomla_conf_set "\$db" "$JOOMLA_DATABASE_NAME" -joomla_conf_set "\$host" "${JOOMLA_DEFAULT_DATABASE_HOST}:${JOOMLA_DEFAULT_DATABASE_PORT_NUMBER}" -joomla_conf_set "\$user" "$JOOMLA_DATABASE_USER" -joomla_conf_set "\$db" "$JOOMLA_DATABASE_NAME" - -info "Configuring default PHP options for Joomla!" -php_conf_set memory_limit "$PHP_DEFAULT_MEMORY_LIMIT" - -# The sql scripts contain a template "#__" which will be substituted by the -# prefix set in the configuration ("jos_" in our case), we need to adapt it. -debug "Adapting installation sql files" -for sql_file in "${JOOMLA_BASE_DIR}/installation/sql/mysql"/*.sql; do - replace_in_file "$sql_file" "#__" "jos_" -done - -# Enable default web server configuration for Joomla! -info "Creating default web server configuration for Joomla!" -web_server_validate - -ensure_web_server_app_configuration_exists "joomla" --type php --apache-additional-configuration ' -# Bypass mod_dir in order to allow 80->8080 redirections when not using a reverse proxy (example: docker-compose or Kubernetes) - - DirectorySlash off - -' -replace_in_file "${APACHE_HTACCESS_DIR}/joomla-htaccess.conf" '(## End [-] Custom redirects)' '# Custom rewrite by Bitnami - bypass mod_dir in order to allow 80->8080 redirections when not using a reverse proxy (example: docker-compose or Kubernetes)\n RewriteRule "^administrator$" "administrator/"\n \1' diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/setup.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/setup.sh deleted file mode 100755 index d1231b1b70c1..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/joomla/setup.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Joomla! environment -. /opt/bitnami/scripts/joomla-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute', used during initialization -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libjoomla.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Joomla! environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure Joomla! environment variables are valid -joomla_validate - -# Update web server configuration with runtime environment (needs to happen before the initialization) -web_server_update_app_configuration "joomla" - -joomla_initialize diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libjoomla.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libjoomla.sh deleted file mode 100644 index 101ef1dad844..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libjoomla.sh +++ /dev/null @@ -1,306 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Joomla! library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Validate settings in JOOMLA_* env vars -# Globals: -# JOOMLA_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -joomla_validate() { - debug "Validating settings in JOOMLA_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate credentials - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - else - for empty_env_var in "JOOMLA_DATABASE_PASSWORD" "JOOMLA_PASSWORD"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Validate SMTP credentials - if ! is_empty_value "$JOOMLA_SMTP_HOST"; then - for empty_env_var in "JOOMLA_SMTP_USER" "JOOMLA_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - is_empty_value "$JOOMLA_SMTP_PORT_NUMBER" && print_validation_error "The JOOMLA_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$JOOMLA_SMTP_PORT_NUMBER" && check_valid_port "JOOMLA_SMTP_PORT_NUMBER" - ! is_empty_value "$JOOMLA_SMTP_PROTOCOL" && check_multi_value "JOOMLA_SMTP_PROTOCOL" "ssl tls" - fi - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Get Joomla! version -# Globals: -# JOOMLA_* -# Arguments: -# None -# Returns: -# String with Joomla version -######################### -joomla_get_version() { - grep -Eo "[0-9]+[.][0-9]+[.][0-9]+" "${JOOMLA_BASE_DIR}/administrator/manifests/files/joomla.xml" -} - -######################## -# Get Joomla! major version -# Globals: -# JOOMLA_* -# Arguments: -# None -# Returns: -# String with Joomla major version -######################### -joomla_get_major_version() { - joomla_get_version | cut -d '.' -f 1 -} - -######################## -# Get Joomla! schema version -# Globals: -# JOOMLA_* -# Arguments: -# None -# Returns: -# String with Joomla schema version -######################### -joomla_get_version_schema() { - local -r migrations_dir=/opt/bitnami/joomla/administrator/components/com_admin/sql/updates/mysql - # Sort by date (specified in the filename), since files are named following the 'version-date.sql' pattern - # Regular sort does not work because the versions have different digits, example: 3.9.3 > 3.9.19 using sort - local -r regex=".*-([0-9]{4}-[0-9]{2}-[0-9]{2})\.sql" - local -r latest_date="$(find "$migrations_dir" -regextype posix-extended -regex "$regex" | sed -E "s/${regex}/\1/" | sort | tail -n 1)" - # Obtain the file associated with the date - find "$migrations_dir" -name "*-${latest_date}.sql" -exec basename {} \+ | sed 's/\.sql//g' -} - -######################## -# Ensure Joomla! is initialized -# Globals: -# JOOMLA_* -# Arguments: -# None -# Returns: -# None -######################### -joomla_initialize() { - # Check if Joomla! has already been initialized and persisted in a previous run - local db_host db_port db_name db_user db_pass - local -r app_name="joomla" - if ! is_app_initialized "$app_name"; then - # Ensure the base directory exists and has proper permissions - info "Configuring file permissions for Joomla!" - ensure_dir_exists "$JOOMLA_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$JOOMLA_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - # Configure Joomla! based on environment variables - info "Configuring Joomla! with settings provided via environment variables" - ## Site name - ! is_empty_value "$JOOMLA_SITE_NAME" && info "Setting site name" && joomla_conf_set "\$sitename" "$JOOMLA_SITE_NAME" && joomla_conf_set "\$fromname" "$JOOMLA_SITE_NAME" - ## SMTP - # Use JOOMLA_SMTP_HOST as a flag to know if SMTP should be enabled (the rest of parameters are check in the validation) - if ! is_empty_value "$JOOMLA_SMTP_HOST"; then - local smtp_auth_req=0 - ! is_empty_value "$JOOMLA_SMTP_USER" && smtp_auth_req=1 - - info "Enabling SMTP" && joomla_conf_set "\$mailer" "smtp" - debug "Enabling SMTP authorization" && joomla_conf_set "\$smtpauth" "$smtp_auth_req" - debug "Setting SMTP host" && joomla_conf_set "\$smtphost" "$JOOMLA_SMTP_HOST" - ! is_empty_value "$JOOMLA_SMTP_USER" && debug "Setting SMTP user" && joomla_conf_set "\$smtpuser" "$JOOMLA_SMTP_USER" - ! is_empty_value "$JOOMLA_SMTP_PASSWORD" && debug "Setting SMTP password" && joomla_conf_set "\$smtppass" "$JOOMLA_SMTP_PASSWORD" - debug "Setting SMTP port" && joomla_conf_set "\$smtpport" "$JOOMLA_SMTP_PORT_NUMBER" - debug "Setting SMTP protocol" && joomla_conf_set "\$smtpsecure" "$JOOMLA_SMTP_PROTOCOL" - ! is_empty_value "$JOOMLA_SMTP_SENDER_EMAIL" && debug "Setting SMTP sender email" && joomla_conf_set "\$mailfrom" "$JOOMLA_SMTP_SENDER_EMAIL" - ! is_empty_value "$JOOMLA_SMTP_SENDER_NAME" && debug "Setting SMTP sender name" && joomla_conf_set "\$fromname" "$JOOMLA_SMTP_SENDER_NAME" - fi - - info "Setting database host" && joomla_conf_set "\$host" "${JOOMLA_DATABASE_HOST}:${JOOMLA_DATABASE_PORT_NUMBER}" - info "Setting database name" && joomla_conf_set "\$db" "$JOOMLA_DATABASE_NAME" - info "Setting database user" && joomla_conf_set "\$user" "$JOOMLA_DATABASE_USER" - if ! is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - info "Setting database password" && joomla_conf_set "\$password" "$JOOMLA_DATABASE_PASSWORD" - fi - local -r salt="${JOOMLA_SECRET:-$(generate_random_string -t alphanumeric -c 32)}" - info "Setting salt" && joomla_conf_set "\$secret" "$salt" - - info "Trying to connect to the database server" - db_host="$JOOMLA_DATABASE_HOST" - db_port="$JOOMLA_DATABASE_PORT_NUMBER" - db_name="$JOOMLA_DATABASE_NAME" - db_user="$JOOMLA_DATABASE_USER" - db_pass="$JOOMLA_DATABASE_PASSWORD" - joomla_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - - if ! is_boolean_yes "$JOOMLA_SKIP_BOOTSTRAP"; then - local -r version_id="$(joomla_get_version_schema)" - local -r encrypted_password="$(generate_md5_hash "${JOOMLA_PASSWORD}${salt}")" - info "Executing initialization SQL commands" - echo "SOURCE ${JOOMLA_BASE_DIR}/installation/sql/mysql/base.sql" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "SOURCE ${JOOMLA_BASE_DIR}/installation/sql/mysql/extensions.sql" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "SOURCE ${JOOMLA_BASE_DIR}/installation/sql/mysql/supports.sql" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "INSERT INTO jos_users(id, name, username, email, password, block, sendEmail, registerDate, params) VALUES(42, 'Super User', '$JOOMLA_USERNAME', '$JOOMLA_EMAIL', '${encrypted_password}:${salt}', 0, 1, '0000-00-00 00:00:00', '')" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "INSERT INTO jos_user_usergroup_map(user_id, group_id) VALUES(42, 8)" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "INSERT INTO jos_schemas(extension_id, version_id) VALUES(700, '${version_id}')" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - echo "UPDATE jos_extensions SET manifest_cache='{\"version\": \"$(joomla_get_version)\"}' WHERE name='files_joomla'" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - if ! is_boolean_yes "$JOOMLA_LOAD_SAMPLE_DATA"; then - info "Disabling sample data" - echo "UPDATE jos_extensions SET enabled='0' WHERE name LIKE '%sampledata%';" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - fi - else - info "An already initialized Joomla! database was provided, configuration will be skipped" - fi - # Delete installation files for getting the version schema - info "Deleting installation files" - rm -rf "${JOOMLA_BASE_DIR}/installation" - - info "Persisting Joomla! installation" - persist_app "$app_name" "$JOOMLA_DATA_TO_PERSIST" - else - info "Restoring persisted Joomla! installation" - restore_persisted_app "$app_name" "$JOOMLA_DATA_TO_PERSIST" - info "Trying to connect to the database server" - db_host="$(joomla_conf_get "\$host" | awk -F: '{print $1}')" - db_port="$(joomla_conf_get "\$host" | awk -F: '{print $2}')" - db_name="$(joomla_conf_get "\$db")" - db_user="$(joomla_conf_get "\$user")" - db_pass="$(joomla_conf_get "\$password")" - joomla_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add or modify an entry in the Joomla! configuration file (config.inc.php) -# Globals: -# JOOMLA_* -# Arguments: -# $1 - PHP variable name -# $2 - Value to assign to the PHP variable -# $3 - Whether the value is a literal, or if instead it should be quoted (default: no) -# Returns: -# None -######################### -joomla_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:-}" - local -r is_literal="${3:-no}" - debug "Setting ${key} to '${value}' in Joomla! configuration (literal: ${is_literal})" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="public $(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=.*" - local entry - is_boolean_yes "$is_literal" && entry="${key} = $value;" || entry="public ${key} = '$value';" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$JOOMLA_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$JOOMLA_CONF_FILE" "$sanitized_pattern" "$entry" - else - # The Joomla! configuration file includes all supported keys, but because of its format, - # we cannot append contents to the end. We can assume thi - warn "Could not set the Joomla! '${key}' configuration. Check that the file has not been modified externally." - fi -} - -######################## -# Get an entry from the Joomla! configuration file (config.inc.php) -# Globals: -# JOOMLA_* -# Arguments: -# $1 - PHP variable name -# Returns: -# None -######################### -joomla_conf_get() { - local -r key="${1:?key missing}" - debug "Getting ${key} from Joomla! configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="public $(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=([^;/]+);.*$" - debug "$sanitized_pattern" - grep -E "$sanitized_pattern" "$JOOMLA_CONF_FILE" | sed -E "s|${sanitized_pattern}|\1|" | tr -d "\"\t' " -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -joomla_wait_for_db_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh deleted file mode 100644 index fc8e6ee12d28..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ /dev/null @@ -1,1094 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in MYSQL_CLIENT_* environment variables -# Globals: -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_validate() { - info "Validating settings in MYSQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Only validate environment variables if any action needs to be performed - check_yes_no_value "MYSQL_CLIENT_ENABLE_SSL_WRAPPER" - check_multi_value "MYSQL_CLIENT_FLAVOR" "mariadb mysql" - - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && [[ -z "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - if [[ "${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ "${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_initialize() { - # Wrap binary to force the usage of SSL - if is_boolean_yes "$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"; then - mysql_client_wrap_binary_for_ssl - fi - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Trying to connect to the database server" - check_mysql_connection() { - echo "SELECT 1" | mysql_execute "mysql" "$MYSQL_CLIENT_DATABASE_ROOT_USER" "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" "-h" "$MYSQL_CLIENT_DATABASE_HOST" "-P" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]]; then - info "Creating database user ${MYSQL_CLIENT_CREATE_DATABASE_USER}" - local -a args=("$MYSQL_CLIENT_CREATE_DATABASE_USER" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD") - [[ -n "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" ]] && args+=("--auth-plugin" "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN") - mysql_ensure_optional_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Creating database ${MYSQL_CLIENT_CREATE_DATABASE_NAME}" - local -a createdb_args=("$MYSQL_CLIENT_CREATE_DATABASE_NAME" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && createdb_args+=("-u" "$MYSQL_CLIENT_CREATE_DATABASE_USER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" ]] && createdb_args+=("--character-set" "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" ]] && createdb_args+=("--collate" "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" ]] && createdb_args+=("--privileges" "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES") - mysql_ensure_optional_database_exists "${createdb_args[@]}" - fi -} - -######################## -# Wrap binary to force the usage of SSL -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_wrap_binary_for_ssl() { - local wrapper_file="${DB_BIN_DIR}/mysql" - # In MySQL Client 10.6, mysql is a link to the mariadb binary - if [[ -f "${DB_BIN_DIR}/mariadb" ]]; then - wrapper_file="${DB_BIN_DIR}/mariadb" - fi - local -r wrapped_binary_file="${DB_BASE_DIR}/.bin/mysql" - local -a ssl_opts=() - read -r -a ssl_opts <<<"$(mysql_client_extra_opts)" - - mv "$wrapper_file" "$wrapped_binary_file" - cat >"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/joomla/5/debian-11/rootfs/post-init.d/php.sh b/bitnami/joomla/5/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/joomla/5/debian-11/rootfs/post-init.d/shell.sh b/bitnami/joomla/5/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/joomla/5/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/joomla/5/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/joomla/5/debian-11/rootfs/post-init.sh b/bitnami/joomla/5/debian-11/rootfs/post-init.sh deleted file mode 100755 index 4efc11b682d7..000000000000 --- a/bitnami/joomla/5/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/joomla/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/joomla/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/joomla" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/joomla/.user_scripts_initialized" -fi diff --git a/bitnami/joomla/5/debian-11/tags-info.yaml b/bitnami/joomla/5/debian-11/tags-info.yaml deleted file mode 100644 index 0cc5837fe8a2..000000000000 --- a/bitnami/joomla/5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "5" -- 5-debian-11 -- 5.0.2 -- latest diff --git a/bitnami/jruby/9.4/debian-11/Dockerfile b/bitnami/jruby/9.4/debian-11/Dockerfile deleted file mode 100644 index 16350c3a7bc0..000000000000 --- a/bitnami/jruby/9.4/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:56:22Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="9.4.5-0-debian-11-r26" \ - org.opencontainers.image.title="jruby" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="9.4.5-0" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages build-essential ca-certificates curl git libbrotli1 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblzma5 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libp11-kit0 libpsl5 libreadline8 librtmp1 libsasl2-2 libsqlite3-0 libsqlite3-dev libssh2-1 libssl-dev libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 pkg-config procps sqlite3 unzip wget zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "jruby-9.4.5-0-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i 's/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 90/' /etc/login.defs && \ - sed -i 's/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 0/' /etc/login.defs && \ - sed -i 's/sha512/sha512 minlen=8/' /etc/pam.d/common-password - -ENV APP_VERSION="9.4.5-0" \ - BITNAMI_APP_NAME="jruby" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/node/bin:/opt/bitnami/java/bin:/opt/bitnami/jruby/bin:$PATH" - -EXPOSE 3000 - -WORKDIR /app -CMD [ "irb" ] diff --git a/bitnami/jruby/9.4/debian-11/docker-compose.yml b/bitnami/jruby/9.4/debian-11/docker-compose.yml deleted file mode 100644 index 70389639c0b4..000000000000 --- a/bitnami/jruby/9.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - jruby: - tty: true # Enables debugging capabilities when attached to this container. - image: docker.io/bitnami/jruby:9.4 - # command: sh -c 'bundle install && bundle exec rails server -b 0.0.0.0 -p 3000' - ports: - - 3000:3000 - volumes: - - .:/app diff --git a/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6e34f5ab3fc4..000000000000 --- a/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "jruby": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "9.4.5-0-4" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - } -} \ No newline at end of file diff --git a/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jruby/9.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jruby/9.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jruby/9.4/debian-11/tags-info.yaml b/bitnami/jruby/9.4/debian-11/tags-info.yaml deleted file mode 100644 index 6d5c214347b7..000000000000 --- a/bitnami/jruby/9.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "9.4" -- 9.4-debian-11 -- 9.4.5-0 -- latest diff --git a/bitnami/jsonnet/0/debian-11/Dockerfile b/bitnami/jsonnet/0/debian-11/Dockerfile deleted file mode 100644 index d5faab412dd7..000000000000 --- a/bitnami/jsonnet/0/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:41:17Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.20.0-debian-11-r127" \ - org.opencontainers.image.title="jsonnet" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.20.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 libstdc++6 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "jsonnet-0.20.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y ca-certificates curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -RUN chmod +x /opt/bitnami/jsonnet/bin/jsonnet -ENV APP_VERSION="0.20.0" \ - BITNAMI_APP_NAME="jsonnet" \ - PATH="/opt/bitnami/jsonnet/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "jsonnet" ] -CMD [ "--help" ] diff --git a/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e7c6c25ceeb9..000000000000 --- a/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "jsonnet": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.20.0-5" - } -} \ No newline at end of file diff --git a/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jsonnet/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jsonnet/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jsonnet/0/debian-11/tags-info.yaml b/bitnami/jsonnet/0/debian-11/tags-info.yaml deleted file mode 100644 index 02b64ae8afbd..000000000000 --- a/bitnami/jsonnet/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.20.0 -- latest diff --git a/bitnami/jupyter-base-notebook/4/debian-11/Dockerfile b/bitnami/jupyter-base-notebook/4/debian-11/Dockerfile deleted file mode 100644 index b9719a1c5af9..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:42:36Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.0.2-debian-11-r94" \ - org.opencontainers.image.title="jupyter-base-notebook" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.0.2" - -ENV HOME="/opt/bitnami/jupyterhub-singleuser/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libncursesw6 libnettle8 libnghttp2-14 libp11-kit0 libpsl5 libreadline8 librtmp1 libsasl2-2 libssh2-1 libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libunistring2 libxml2 libzstd1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "miniconda-23.11.0-1-linux-${OS_ARCH}-debian-11" \ - "jupyter-base-notebook-4.0.2-22-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /opt/bitnami/jupyterhub-singleuser/ && chmod g+rwX /opt/bitnami/jupyterhub-singleuser/ - -ENV APP_VERSION="4.0.2" \ - BITNAMI_APP_NAME="jupyter-base-notebook" \ - PATH="/opt/bitnami/miniconda/bin:/opt/bitnami/common/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "tini", "-g", "--" ] -CMD [ "jupyterhub-singleuser" ] diff --git a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index bb7161dd100f..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "jupyter-base-notebook": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.0.2-22" - }, - "miniconda": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "23.11.0-1" - } -} \ No newline at end of file diff --git a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jupyter-base-notebook/4/debian-11/tags-info.yaml b/bitnami/jupyter-base-notebook/4/debian-11/tags-info.yaml deleted file mode 100644 index 09bd7d87747d..000000000000 --- a/bitnami/jupyter-base-notebook/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.0.2 -- latest diff --git a/bitnami/jupyterhub/4/debian-11/Dockerfile b/bitnami/jupyterhub/4/debian-11/Dockerfile deleted file mode 100644 index ef35ea20c0d9..000000000000 --- a/bitnami/jupyterhub/4/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:44:58Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.0.2-debian-11-r89" \ - org.opencontainers.image.title="jupyterhub" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.0.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libncursesw6 libnettle8 libnghttp2-14 libp11-kit0 libpsl5 libreadline8 librtmp1 libsasl2-2 libssh2-1 libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libunistring2 libxml2 libzstd1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "miniconda-23.11.0-1-linux-${OS_ARCH}-debian-11" \ - "jupyterhub-4.0.2-15-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="4.0.2" \ - BITNAMI_APP_NAME="jupyterhub" \ - PATH="/opt/bitnami/miniconda/bin:/opt/bitnami/miniconda/bin/:$PATH" - -USER 1001 -ENTRYPOINT [ "jupyterhub" ] diff --git a/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 218c37e7119c..000000000000 --- a/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "jupyterhub": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.0.2-15" - }, - "miniconda": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "23.11.0-1" - } -} \ No newline at end of file diff --git a/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jupyterhub/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jupyterhub/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jupyterhub/4/debian-11/tags-info.yaml b/bitnami/jupyterhub/4/debian-11/tags-info.yaml deleted file mode 100644 index 09bd7d87747d..000000000000 --- a/bitnami/jupyterhub/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.0.2 -- latest diff --git a/bitnami/jwt-cli/6/debian-11/Dockerfile b/bitnami/jwt-cli/6/debian-11/Dockerfile deleted file mode 100644 index b55947cc5571..000000000000 --- a/bitnami/jwt-cli/6/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:52:47Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="6.0.0-debian-11-r47" \ - org.opencontainers.image.title="jwt-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="6.0.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "jwt-cli-6.0.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root jwt-cli -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="6.0.0" \ - BITNAMI_APP_NAME="jwt-cli" \ - PATH="/opt/bitnami/jwt-cli/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/jwt-cli/bin/jwt" ] diff --git a/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2114beebaaa6..000000000000 --- a/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "jwt-cli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "6.0.0-3" - } -} \ No newline at end of file diff --git a/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/jwt-cli/6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/jwt-cli/6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/jwt-cli/6/debian-11/tags-info.yaml b/bitnami/jwt-cli/6/debian-11/tags-info.yaml deleted file mode 100644 index b7ccff3f3d48..000000000000 --- a/bitnami/jwt-cli/6/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "6" -- 6-debian-11 -- 6.0.0 -- latest diff --git a/bitnami/kafka-exporter/1/debian-11/Dockerfile b/bitnami/kafka-exporter/1/debian-11/Dockerfile deleted file mode 100644 index f3ca2e2d49cb..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T05:57:58Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.7.0-debian-11-r160" \ - org.opencontainers.image.title="kafka-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.7.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kafka-exporter-1.7.0-13-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.7.0" \ - BITNAMI_APP_NAME="kafka-exporter" \ - PATH="/opt/bitnami/kafka-exporter/bin:$PATH" - -EXPOSE 9308 - -WORKDIR /opt/bitnami/kafka-exporter -USER 1001 -ENTRYPOINT [ "kafka_exporter" ] diff --git a/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 09bc9cc5686f..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kafka-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.7.0-13" - } -} \ No newline at end of file diff --git a/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka-exporter/1/debian-11/tags-info.yaml b/bitnami/kafka-exporter/1/debian-11/tags-info.yaml deleted file mode 100644 index c12a7a21c494..000000000000 --- a/bitnami/kafka-exporter/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.7.0 -- latest diff --git a/bitnami/kafka/3.2/debian-11/Dockerfile b/bitnami/kafka/3.2/debian-11/Dockerfile deleted file mode 100644 index 7a91e98b7ba3..000000000000 --- a/bitnami/kafka/3.2/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:08:49Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.2.3-debian-11-r253" \ - org.opencontainers.image.title="kafka" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.2.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "kafka-3.2.3-15-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/kafka/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/kafka/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/kafka/postunpack.sh -ENV APP_VERSION="3.2.3" \ - BITNAMI_APP_NAME="kafka" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/kafka/bin:$PATH" - -EXPOSE 9092 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kafka/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kafka/run.sh" ] diff --git a/bitnami/kafka/3.2/debian-11/docker-compose.yml b/bitnami/kafka/3.2/debian-11/docker-compose.yml deleted file mode 100644 index fb8292e3e455..000000000000 --- a/bitnami/kafka/3.2/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" - -services: - kafka: - image: docker.io/bitnami/kafka:3.2 - ports: - - "9092:9092" - volumes: - - "kafka_data:/bitnami" - environment: - # KRaft settings - - KAFKA_CFG_NODE_ID=0 - - KAFKA_CFG_PROCESS_ROLES=controller,broker - - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 - # Listeners - - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 - - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092 - - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT - - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT -volumes: - kafka_data: - driver: local diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6bf9b1d6b4d0..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "kafka": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.2.3-15" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka/3.2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh deleted file mode 100644 index 9f33fc07871a..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kafka - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kafka}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kafka_env_vars=( - KAFKA_MOUNTED_CONF_DIR - KAFKA_INTER_BROKER_USER - KAFKA_INTER_BROKER_PASSWORD - KAFKA_CONTROLLER_USER - KAFKA_CONTROLLER_PASSWORD - KAFKA_CERTIFICATE_PASSWORD - KAFKA_TLS_TRUSTSTORE_FILE - KAFKA_TLS_TYPE - KAFKA_TLS_CLIENT_AUTH - KAFKA_OPTS - KAFKA_CFG_SASL_ENABLED_MECHANISMS - KAFKA_KRAFT_CLUSTER_ID - KAFKA_SKIP_KRAFT_STORAGE_INIT - KAFKA_CLIENT_LISTENER_NAME - KAFKA_ZOOKEEPER_PROTOCOL - KAFKA_ZOOKEEPER_PASSWORD - KAFKA_ZOOKEEPER_USER - KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE - KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME - KAFKA_ZOOKEEPER_TLS_TYPE - KAFKA_CLIENT_USERS - KAFKA_CLIENT_PASSWORDS - KAFKA_HEAP_OPTS -) -for env_var in "${kafka_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kafka_env_vars - -# Paths -export KAFKA_BASE_DIR="${BITNAMI_ROOT_DIR}/kafka" -export KAFKA_VOLUME_DIR="/bitnami/kafka" -export KAFKA_DATA_DIR="${KAFKA_VOLUME_DIR}/data" -export KAFKA_CONF_DIR="${KAFKA_BASE_DIR}/config" -export KAFKA_CONF_FILE="${KAFKA_CONF_DIR}/server.properties" -export KAFKA_MOUNTED_CONF_DIR="${KAFKA_MOUNTED_CONF_DIR:-${KAFKA_VOLUME_DIR}/config}" -export KAFKA_CERTS_DIR="${KAFKA_CONF_DIR}/certs" -export KAFKA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KAFKA_LOG_DIR="${KAFKA_BASE_DIR}/logs" -export KAFKA_HOME="$KAFKA_BASE_DIR" -export PATH="${KAFKA_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/java/bin:${PATH}" - -# System users (when running with a privileged user) -export KAFKA_DAEMON_USER="kafka" -export KAFKA_DAEMON_GROUP="kafka" - -# Kafka runtime settings -export KAFKA_INTER_BROKER_USER="${KAFKA_INTER_BROKER_USER:-user}" -export KAFKA_INTER_BROKER_PASSWORD="${KAFKA_INTER_BROKER_PASSWORD:-bitnami}" -export KAFKA_CONTROLLER_USER="${KAFKA_CONTROLLER_USER:-controller_user}" -export KAFKA_CONTROLLER_PASSWORD="${KAFKA_CONTROLLER_PASSWORD:-bitnami}" -export KAFKA_CERTIFICATE_PASSWORD="${KAFKA_CERTIFICATE_PASSWORD:-}" -export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_TLS_TYPE="${KAFKA_TLS_TYPE:-JKS}" -export KAFKA_TLS_CLIENT_AUTH="${KAFKA_TLS_CLIENT_AUTH:-required}" -export KAFKA_OPTS="${KAFKA_OPTS:-}" - -# Kafka configuration overrides -export KAFKA_CFG_SASL_ENABLED_MECHANISMS="${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-PLAIN,SCRAM-SHA-256,SCRAM-SHA-512}" -export KAFKA_KRAFT_CLUSTER_ID="${KAFKA_KRAFT_CLUSTER_ID:-}" -export KAFKA_SKIP_KRAFT_STORAGE_INIT="${KAFKA_SKIP_KRAFT_STORAGE_INIT:-false}" -export KAFKA_CLIENT_LISTENER_NAME="${KAFKA_CLIENT_LISTENER_NAME:-}" - -# ZooKeeper connection settings -export KAFKA_ZOOKEEPER_PROTOCOL="${KAFKA_ZOOKEEPER_PROTOCOL:-PLAINTEXT}" -export KAFKA_ZOOKEEPER_PASSWORD="${KAFKA_ZOOKEEPER_PASSWORD:-}" -export KAFKA_ZOOKEEPER_USER="${KAFKA_ZOOKEEPER_USER:-}" -export KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME="${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-true}" -export KAFKA_ZOOKEEPER_TLS_TYPE="${KAFKA_ZOOKEEPER_TLS_TYPE:-JKS}" - -# Authentication -export KAFKA_CLIENT_USERS="${KAFKA_CLIENT_USERS:-user}" -export KAFKA_CLIENT_PASSWORDS="${KAFKA_CLIENT_PASSWORDS:-bitnami}" - -# Java settings -export KAFKA_HEAP_OPTS="${KAFKA_HEAP_OPTS:--Xmx1024m -Xms1024m}" - -# Custom environment variables may be defined below diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh deleted file mode 100755 index deafe6d4660a..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kafka/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Kafka setup **" - /opt/bitnami/scripts/kafka/setup.sh - info "** Kafka setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh deleted file mode 100755 index b6526959daf7..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Move server.properties from configtmp to config -# Temporary solution until kafka tarball places server.properties into config -if [[ -d "${KAFKA_BASE_DIR}/configtmp" ]]; then - mv "${KAFKA_BASE_DIR}/configtmp"/* "$KAFKA_CONF_DIR" - rmdir "${KAFKA_BASE_DIR}/configtmp" -fi -[[ -d "${KAFKA_BASE_DIR}/conf" ]] && rmdir "${KAFKA_BASE_DIR}/conf" - -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$KAFKA_BASE_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR" - -# Move the original server.properties, so users can skip initialization logic by mounting their own server.properties directly instead of using the MOUNTED_CONF_DIR -mv "${KAFKA_CONF_DIR}/server.properties" "${KAFKA_CONF_DIR}/server.properties.original" - -# Disable logging to stdout and garbage collection -# Source: https://logging.apache.org/log4j/log4j-2.4/manual/appenders.html -replace_in_file "${KAFKA_BASE_DIR}/bin/kafka-server-start.sh" " [-]loggc" " " -replace_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DailyRollingFileAppender" "ConsoleAppender" - -# Disable the default console logger in favour of KafkaAppender (which provides the exact output) -echo "log4j.appender.stdout.Threshold=OFF" >>"${KAFKA_CONF_DIR}/log4j.properties" - -# Remove invalid parameters for ConsoleAppender -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DatePattern" -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "Appender.File" diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh deleted file mode 100755 index a82f26867e70..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libos.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -if [[ -f "${KAFKA_CONF_DIR}/kafka_jaas.conf" ]]; then - export KAFKA_OPTS="-Djava.security.auth.login.config=${KAFKA_CONF_DIR}/kafka_jaas.conf" -fi - -cmd="$KAFKA_HOME/bin/kafka-server-start.sh" -args=("$KAFKA_CONF_FILE") -! is_empty_value "${KAFKA_EXTRA_FLAGS:-}" && args=("${args[@]}" "${KAFKA_EXTRA_FLAGS[@]}") - -info "** Starting Kafka **" -if am_i_root; then - exec_as_user "$KAFKA_DAEMON_USER" "$cmd" "${args[@]}" "$@" -else - exec "$cmd" "${args[@]}" "$@" -fi diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh deleted file mode 100755 index a1dcc1d2d162..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Map Kafka environment variables -kafka_create_alias_environment_variables - -# Dinamically set node.id/broker.id/controller.quorum.voters if the _COMMAND environment variable is set -kafka_dynamic_environment_variables - -# Set the default tuststore locations before validation -kafka_configure_default_truststore_locations -# Ensure Kafka user and group exist when running as 'root' -am_i_root && ensure_user_exists "$KAFKA_DAEMON_USER" --group "$KAFKA_DAEMON_GROUP" -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR"; do - if am_i_root; then - ensure_dir_exists "$dir" "$KAFKA_DAEMON_USER" "$KAFKA_DAEMON_GROUP" - else - ensure_dir_exists "$dir" - fi -done - -# Kafka validation, skipped if server.properties was mounted at either $KAFKA_MOUNTED_CONF_DIR or $KAFKA_CONF_DIR -[[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" && ! -f "$KAFKA_CONF_FILE" ]] && kafka_validate -# Kafka initialization, skipped if server.properties was mounted at $KAFKA_CONF_DIR -[[ ! -f "$KAFKA_CONF_FILE" ]] && kafka_initialize - -# Initialise KRaft metadata storage if process.roles configured -if grep -q "^process.roles=" "$KAFKA_CONF_FILE" && ! is_boolean_yes "$KAFKA_SKIP_KRAFT_STORAGE_INIT" ; then - kafka_kraft_storage_initialize -fi -# Configure Zookeeper SCRAM users -if is_boolean_yes "${KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS:-}"; then - kafka_zookeeper_create_sasl_scram_users -fi -# KRaft controllers may get stuck starting when the controller quorum voters are changed. -# Workaround: Remove quorum-state file when scaling up/down controllers (Waiting proposal KIP-853) -# https://cwiki.apache.org/confluence/display/KAFKA/KIP-853%3A+KRaft+Voter+Changes -if [[ -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" ]] && grep -q "^controller.quorum.voters=" "$KAFKA_CONF_FILE" && kafka_kraft_quorum_voters_changed; then - warn "Detected inconsitences between controller.quorum.voters and quorum-state, removing it..." - rm -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" -fi -# Ensure custom initialization scripts are executed -kafka_custom_init_scripts diff --git a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh b/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh deleted file mode 100644 index 0efa81c4b873..000000000000 --- a/bitnami/kafka/3.2/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh +++ /dev/null @@ -1,1175 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kafka library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -kafka_common_conf_set() { - local file="${1:?missing file}" - local key="${2:?missing key}" - shift - shift - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - kafka_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Returns true if at least one listener is configured using SSL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_ssl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SSL: || "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using SASL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_sasl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SASL_PLAINTEXT: ]] || [[ "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using plaintext -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_plaintext_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "PLAINTEXT" ]]; then - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - else - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ PLAINTEXT: ]]; then - return - fi - fi - return 1 -} - -######################## -# Backwards compatibility measure to configure the TLS truststore locations -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_default_truststore_locations() { - # Backwards compatibility measure to allow custom truststore locations but at the same time not disrupt - # the UX that the previous version of the containers and the helm chart have. - # Context: The chart and containers by default assumed that the truststore location was KAFKA_CERTS_DIR/kafka.truststore.jks or KAFKA_MOUNTED_CONF_DIR/certs/kafka.truststore.jks. - # Because of this, we could not use custom certificates in different locations (use case: A custom base image that already has a truststore). Changing the logic to allow custom - # locations implied major changes in the current user experience (which only required to mount certificates at the assumed location). In order to maintain this compatibility we need - # use this logic that sets the KAFKA_TLS_*_FILE variables to the previously assumed locations in case it is not set - - # Kafka truststore - if kafka_has_ssl_listener && is_empty_value "${KAFKA_TLS_TRUSTSTORE_FILE:-}"; then - local kafka_truststore_filename="kafka.truststore.jks" - [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && kafka_truststore_filename="kafka.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${kafka_truststore_filename}" - fi - fi - # Zookeeper truststore - if [[ "${KAFKA_ZOOKEEPER_PROTOCOL:-}" =~ SSL ]] && is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}"; then - local zk_truststore_filename="zookeeper.truststore.jks" - [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && zk_truststore_filename="zookeeper.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${zk_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${zk_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${zk_truststore_filename}" - fi - fi -} - -######################## -# Set a configuration setting value to server.properties -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_server_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_FILE" "$@" -} - -######################## -# Set a configuration setting value to producer.properties and consumer.properties -# Globals: -# KAFKA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_producer_consumer_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" "$@" - kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" "$@" -} - -######################## -# Create alias for environment variable, so both can be used -# Globals: -# None -# Arguments: -# $1 - Alias environment variable name -# $2 - Original environment variable name -# Returns: -# None -######################### -kafka_declare_alias_env() { - local -r alias="${1:?missing environment variable alias}" - local -r original="${2:?missing original environment variable}" - if printenv "${original}" >/dev/null; then - export "$alias"="${!original:-}" - fi -} - -######################## -# Map Kafka legacy environment variables to the new names -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_create_alias_environment_variables() { - suffixes=( - "ADVERTISED_LISTENERS" - "BROKER_ID" - "NODE_ID" - "CONTROLLER_QUORUM_VOTERS" - "PROCESS_ROLES" - "DEFAULT_REPLICATION_FACTOR" - "DELETE_TOPIC_ENABLE" - "INTER_BROKER_LISTENER_NAME" - "LISTENERS" - "LISTENER_SECURITY_PROTOCOL_MAP" - "LOG_DIRS" - "LOG_FLUSH_INTERVAL_MESSAGES" - "LOG_FLUSH_INTERVAL_MS" - "LOG_MESSAGE_FORMAT_VERSION" - "LOG_RETENTION_BYTES" - "LOG_RETENTION_CHECK_INTERVALS_MS" - "LOG_RETENTION_HOURS" - "LOG_SEGMENT_BYTES" - "MESSAGE_MAX_BYTES" - "NUM_IO_THREADS" - "NUM_NETWORK_THREADS" - "NUM_PARTITIONS" - "NUM_RECOVERY_THREADS_PER_DATA_DIR" - "OFFSETS_TOPIC_REPLICATION_FACTOR" - "SOCKET_RECEIVE_BUFFER_BYTES" - "SOCKET_REQUEST_MAX_BYTES" - "SOCKET_SEND_BUFFER_BYTES" - "SSL_ENDPOINT_IDENTIFICATION_ALGORITHM" - "TRANSACTION_STATE_LOG_MIN_ISR" - "TRANSACTION_STATE_LOG_REPLICATION_FACTOR" - "ZOOKEEPER_CONNECT" - "ZOOKEEPER_CONNECTION_TIMEOUT_MS" - ) - kafka_declare_alias_env "KAFKA_CFG_LOG_DIRS" "KAFKA_LOGS_DIRS" - kafka_declare_alias_env "KAFKA_CFG_LOG_SEGMENT_BYTES" "KAFKA_SEGMENT_BYTES" - kafka_declare_alias_env "KAFKA_CFG_MESSAGE_MAX_BYTES" "KAFKA_MAX_MESSAGE_BYTES" - kafka_declare_alias_env "KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS" "KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS" - kafka_declare_alias_env "KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE" "KAFKA_AUTO_CREATE_TOPICS_ENABLE" - kafka_declare_alias_env "KAFKA_CLIENT_USERS" "KAFKA_BROKER_USER" - kafka_declare_alias_env "KAFKA_CLIENT_PASSWORDS" "KAFKA_BROKER_PASSWORD" - kafka_declare_alias_env "KAFKA_CLIENT_LISTENER_NAME" "KAFKA_CLIENT_LISTENER" - for s in "${suffixes[@]}"; do - kafka_declare_alias_env "KAFKA_CFG_${s}" "KAFKA_${s}" - done -} - -######################## -# Validate settings in KAFKA_* env vars -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_validate() { - debug "Validating settings in KAFKA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - # If process.roles configured, check its values are valid and perform additional checks for each - check_kraft_process_roles() { - read -r -a roles_list <<<"$(tr ',;' ' ' <<<"$KAFKA_CFG_PROCESS_ROLES")" - for role in "${roles_list[@]}"; do - case "$role" in - broker) ;; - controller) - if is_empty_value "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-}"; then - print_validation_error "Role 'controller' enabled but environment variable KAFKA_CFG_CONTROLLER_LISTENER_NAMES was not provided." - fi - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ ! "$KAFKA_CFG_LISTENERS" =~ ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} ]]; then - print_validation_error "Role 'controller' enabled but listener ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} not found in KAFKA_CFG_LISTENERS." - fi - ;; - *) - print_validation_error "Invalid KRaft process role '$role'. Supported roles are 'broker,controller'" - ;; - esac - done - } - # Check all listeners are using a unique and valid port - check_listener_ports(){ - check_allowed_port() { - local port="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("$port") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port ${port} was specified in the environment variable KAFKA_CFG_LISTENERS: ${err}." - fi - } - - read -r -a listeners <<<"$(tr ',' ' ' <<<"${KAFKA_CFG_LISTENERS:-}")" - local -a ports=() - for listener in "${listeners[@]}"; do - read -r -a arr <<<"$(tr ':' ' ' <<<"$listener")" - # Obtain the port from listener string, e.g. PLAINTEXT://:9092 - port="${arr[2]}" - check_allowed_port "$port" - ports+=("$port") - done - # Check each listener is using an unique port - local -a unique_ports=() - read -r -a unique_ports <<< "$(echo "${ports[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - if [[ "${#ports[@]}" != "${#unique_ports[@]}" ]]; then - print_validation_error "There are listeners bound to the same port" - fi - } - check_listener_protocols(){ - local -r allowed_protocols=("PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL") - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - # Check protocol in allowed list - if [[ ! "${allowed_protocols[*]}" =~ $protocol ]]; then - print_validation_error "Authentication protocol ${protocol} is not supported!" - fi - # If inter-broker listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL is set - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL:-}"; then - print_validation_error "When using SASL for inter broker comunication the mechanism should be provided using KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - fi - if is_empty_value "${KAFKA_INTER_BROKER_USER:-}" || is_empty_value "${KAFKA_INTER_BROKER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka inter-broker communications, you must provide the SASL credentials. Set the environment variables KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD to configure the credentials for SASL authentication with between brokers." - fi - fi - # If controller listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL is set - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL:-}"; then - print_validation_error "When using SASL for controller comunication the mechanism should be provided at KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - warn "KRaft controller listener may not support SCRAM-SHA-256/SCRAM-SHA-512 mechanisms. If facing any issues, we recommend switching to PLAIN mechanism. More information at: https://issues.apache.org/jira/browse/KAFKA-15513" - fi - if is_empty_value "${KAFKA_CONTROLLER_USER:-}" || is_empty_value "${KAFKA_CONTROLLER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka control plane communications, you must provide the SASL credentials. Set the environment variables KAFKA_CONTROLLER_USER and KAFKA_CONTROLLER_PASSWORD to configure the credentials for SASL authentication with between controllers." - fi - fi - else - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CLIENT_USERS:-}" || is_empty_value "${KAFKA_CLIENT_PASSWORDS:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_CLIENT_USERS and KAFKA_CLIENT_PASSWORDS to configure the credentials for SASL authentication with clients." - fi - fi - - fi - done - } - - if is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}" && is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - print_validation_error "Kafka haven't been configured to work in either Raft or Zookeper mode. Please make sure at least one of the modes is configured." - fi - # Check KRaft mode - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - # Raft - if [[ "$(kafka_get_version)" =~ ^3\.2\. ]]; then - warn "KRaft mode is not production-ready in Kafka 3.2, for production environments, we recommend upgrading " - fi - # Only allow Zookeeper configuration if migration mode is enabled - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}" && - { is_empty_value "${KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE:-}" || ! is_boolean_yes "$KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE"; }; then - print_validation_error "Both KRaft mode and Zookeeper modes are configured, but KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE is not enabled" - fi - if is_empty_value "${KAFKA_CFG_NODE_ID:-}"; then - print_validation_error "KRaft mode requires an unique node.id, please set the environment variable KAFKA_CFG_NODE_ID" - fi - if is_empty_value "${KAFKA_CFG_CONTROLLER_QUORUM_VOTERS:-}"; then - print_validation_error "KRaft mode requires KAFKA_CFG_CONTROLLER_QUORUM_VOTERS to be set" - fi - check_kraft_process_roles - fi - # Check Zookeeper mode - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - # If SSL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]]; then - # Fail if truststore is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with JKS certs you must mount your zookeeper.truststore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if keystore is not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]] && [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.jks" ]]; then - warn "In order to configure the mTLS for Zookeeper with JKS certs you must mount your zookeeper.keystore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]]; then - # Fail if CA / validation cert is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with PEM certs you must mount your zookeeper.truststore.pem cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if node key or cert are not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if { [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.key" ]]; }; then - warn "In order to configure the mTLS for Zookeeper with PEM certs you must mount your zookeeper.keystore.pem cert and zookeeper.keystore.key key to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - fi - # If SASL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - if is_empty_value "${KAFKA_ZOOKEEPER_USER:-}" || is_empty_value "${KAFKA_ZOOKEEPER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_ZOOKEEPER_USER and KAFKA_ZOOKEEPER_PASSWORD, to configure the credentials for SASL authentication with Zookeeper." - fi - fi - # If using plaintext protocol, check it is explicitly allowed - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" = "PLAINTEXT" ]]; then - warn "The KAFKA_ZOOKEEPER_PROTOCOL environment variable does not configure SASL and/or SSL, this setting is not recommended for production environments." - fi - fi - # Check listener ports are unique and allowed - check_listener_ports - # Check listeners are mapped to a valid security protocol - check_listener_protocols - # Warn users if plaintext listeners are configured - if kafka_has_plaintext_listener; then - warn "Kafka has been configured with a PLAINTEXT listener, this setting is not recommended for production environments." - fi - # If SSL/SASL_SSL listeners configured, check certificates are provided - if kafka_has_ssl_listener; then - if [[ "$KAFKA_TLS_TYPE" = "JKS" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with JKS certs you must mount your kafka.keystore.jks and kafka.truststore.jks certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - elif [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with PEM certs you must mount your kafka.keystore.pem, kafka.keystore.key and kafka.truststore.pem certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - # If SASL/SASL_SSL listeners configured, check passwords are provided - if kafka_has_sasl_listener; then - if is_empty_value "${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-}"; then - print_validation_error "Specified SASL protocol but no SASL mechanisms provided in KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - fi - # Check users and passwords lists are the same size - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS:-}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" - if [[ "${#users[@]}" -ne "${#passwords[@]}" ]]; then - print_validation_error "Specify the same number of passwords on KAFKA_CLIENT_PASSWORDS as the number of users on KAFKA_CLIENT_USERS!" - fi - check_multi_value "KAFKA_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_PROTOCOL" "PLAINTEXT SASL SSL SASL_SSL" - check_multi_value "KAFKA_TLS_CLIENT_AUTH" "none requested required" - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Get kafka version -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# version -######################### -kafka_get_version() { - local -a cmd=("kafka-topics.sh" "--version") - am_i_root && cmd=("run_as_user" "$KAFKA_DAEMON_USER" "${cmd[@]}") - - read -r -a ver_split <<< "$("${cmd[@]}")" - echo "${ver_split[0]}" -} - -######################### -# Configure JAAS for a given listener and SASL mechanisms -# Globals: -# KAFKA_* -# Arguments: -# $1 - Name of the listener JAAS will be configured for -# $2 - Comma-separated list of SASL mechanisms to configure -# $3 - Comma-separated list of usernames -# $4 - Comma-separated list of passwords -# Returns: -# None -######################### -kafka_configure_server_jaas() { - local listener="${1:?missing listener name}" - local role="${2:-}" - - if [[ "$role" = "controller" ]]; then - local jaas_content=() - if [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" = "PLAIN" ]]; then - jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\"" - "user_${KAFKA_CONTROLLER_USER}=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - else - read -r -a sasl_mechanisms_arr <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_SASL_ENABLED_MECHANISMS")" - read -r -a users <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_USERS")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_PASSWORDS")" - # Configure JAAS for each SASL mechanism - # ref: https://docs.confluent.io/platform/current/kafka/authentication_sasl/index.html - for sasl_mechanism in "${sasl_mechanisms_arr[@]}"; do - local jaas_content=() - # For PLAIN mechanism, only the first username will be used - if [[ "$sasl_mechanism" = "PLAIN" ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - if [[ "$role" = "inter-broker" ]]; then - jaas_content+=( - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\"" - ) - users+=("$KAFKA_INTER_BROKER_USER") - passwords+=("$KAFKA_INTER_BROKER_PASSWORD") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - jaas_content+=("user_${users[i]}=\"${passwords[i]}\"") - done - # Add semi-colon to the last element of the array - jaas_content[${#jaas_content[@]} - 1]="${jaas_content[${#jaas_content[@]} - 1]};" - elif [[ "$sasl_mechanism" =~ SCRAM ]]; then - if [[ "$role" = "inter-broker" ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\";" - ) - else - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required;") - fi - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$sasl_mechanism" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - done - fi -} - -######################## -# Configure Zookeeper JAAS authentication -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_configure_jaas(){ - local jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_ZOOKEEPER_USER}\"" - "password=\"${KAFKA_ZOOKEEPER_PASSWORD}\";" - ) - - kafka_server_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Generate JAAS authentication file for local producer/consumer to use -# Globals: -# KAFKA_* -# Arguments: -# $1 - Authentication protocol to use for the internal listener -# $2 - Authentication protocol to use for the client listener -# Returns: -# None -######################### -kafka_configure_consumer_producer_jaas(){ - local jaas_content=() - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - - if [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ SCRAM ]]; then - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required") - elif [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ PLAIN ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - else - error "Couldn't configure a supported SASL mechanism for Kafka consumer/producer properties" - exit 1 - fi - - jaas_content+=( - "username=\"${users[0]}\"" - "password=\"${passwords[0]}\";" - ) - - kafka_producer_consumer_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Create users in zookeper when using SASL/SCRAM mechanism -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_create_sasl_scram_users() { - info "Creating users in Zookeeper" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - local zookeeper_connect - zookeeper_connect=$(grep "^zookeeper.connect=" "$KAFKA_CONF_FILE" | sed -E 's/^zookeeper\.connect=(\S+)$/\1/') - read -r -a zookeeper_hosts <<<"$(tr ',;' ' ' <<<"${zookeeper_connect}")" - - if [[ "${#zookeeper_hosts[@]}" -eq 0 ]]; then - error "Couldn't obtain zookeeper.connect from $KAFKA_CONF_FILE" - exit 1 - fi - # Wait for Zookeeper to be reachable - read -r -a aux <<<"$(tr ':' ' ' <<<"${zookeeper_hosts[0]}")" - local host="${aux[0]:?missing host}" - local port="${aux[1]:-2181}" - wait-for-port --host "$host" "$port" - - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM" "$KAFKA_CONF_FILE"; then - users+=("${KAFKA_INTER_BROKER_USER}") - passwords+=("${KAFKA_INTER_BROKER_PASSWORD}") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - debug "Creating user ${users[i]} in zookeeper" - # Ref: https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_scram.html#sasl-scram-overview - debug_execute kafka-configs.sh --zookeeper "$zookeeper_connect" --alter --add-config "SCRAM-SHA-256=[iterations=8192,password=${passwords[i]}],SCRAM-SHA-512=[password=${passwords[i]}]" --entity-type users --entity-name "${users[i]}" - done -} - -######################## -# Configure Kafka SSL settings -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_ssl() { - # Configures both Kafka server and producers/consumers - configure_both() { - kafka_server_conf_set "${1:?missing key}" "${2:?missing value}" - kafka_producer_consumer_conf_set "${1:?missing key}" "${2:?missing value}" - } - kafka_server_conf_set "ssl.client.auth" "${KAFKA_TLS_CLIENT_AUTH}" - configure_both ssl.keystore.type "${KAFKA_TLS_TYPE}" - configure_both ssl.truststore.type "${KAFKA_TLS_TYPE}" - local -r kafka_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_TLS_TRUSTSTORE_FILE}")" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.key.password "$KAFKA_CERTIFICATE_PASSWORD" - if [[ "$KAFKA_TLS_TYPE" = "PEM" ]]; then - file_to_multiline_property() { - awk 'NR > 1{print line"\\n\\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" - } - remove_previous_cert_value() { - local key="${1:?missing key}" - files=( - "${KAFKA_CONF_FILE}" - "${KAFKA_CONF_DIR}/producer.properties" - "${KAFKA_CONF_DIR}/consumer.properties" - ) - for file in "${files[@]}"; do - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Delete all lines from the certificate beginning to its end - sed -i "/^[#\\s]*$key\s*=.*-----BEGIN/,/-----END/d" "$file" - fi - done - } - # We need to remove the previous cert value - # kafka_common_conf_set uses replace_in_file, which can't match multiple lines - remove_previous_cert_value ssl.keystore.key - remove_previous_cert_value ssl.keystore.certificate.chain - remove_previous_cert_value ssl.truststore.certificates - configure_both ssl.keystore.key "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.key")" - configure_both ssl.keystore.certificate.chain "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.pem")" - configure_both ssl.truststore.certificates "$(file_to_multiline_property "${kafka_truststore_location}")" - elif [[ "$KAFKA_TLS_TYPE" = "JKS" ]]; then - configure_both ssl.keystore.location "$KAFKA_CERTS_DIR"/kafka.keystore.jks - configure_both ssl.truststore.location "$kafka_truststore_location" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.keystore.password "$KAFKA_CERTIFICATE_PASSWORD" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.truststore.password "$KAFKA_CERTIFICATE_PASSWORD" - fi - true # Avoid the function to fail due to the check above -} - -######################## -# Get Zookeeper TLS settings -# Globals: -# KAFKA_ZOOKEEPER_TLS_* -# Arguments: -# None -# Returns: -# String -######################### -kafka_zookeeper_configure_tls() { - # Note that ZooKeeper does not support a key password different from the keystore password, - # so be sure to set the key password in the keystore to be identical to the keystore password; - # otherwise the connection attempt to Zookeeper will fail. - local keystore_location="" - local -r kafka_zk_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE}")" - - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]]; then - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; then - # Concatenating private key into public certificate file - # This is needed to load keystore from location using PEM - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keypair.pem" - cat "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" > "$keystore_location" - fi - - kafka_server_conf_set "zookeeper.clientCnxnSocket" "org.apache.zookeeper.ClientCnxnSocketNetty" - kafka_server_conf_set "zookeeper.ssl.client.enable" "true" - is_boolean_yes "${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-}" && kafka_server_conf_set "zookeeper.ssl.endpoint.identification.algorithm" "HTTPS" - ! is_empty_value "${keystore_location:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.location" "${keystore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" - ! is_empty_value "${kafka_zk_truststore_location:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.location" "${kafka_zk_truststore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" - true # Avoid the function to fail due to the check above -} - -######################## -# Configure Kafka configuration files from environment variables -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_from_environment_variables() { - # List of special cases to apply to the variables - local -r exception_regexps=( - "s/sasl\.ssl/sasl_ssl/g" - "s/sasl\.plaintext/sasl_plaintext/g" - ) - # Map environment variables to config properties - for var in "${!KAFKA_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KAFKA_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - - # Exception for the camel case in this environment variable - [[ "$var" == "KAFKA_CFG_ZOOKEEPER_CLIENTCNXNSOCKET" ]] && key="zookeeper.clientCnxnSocket" - - # Apply exception regexps - for regex in "${exception_regexps[@]}"; do - key="$(echo "$key" | sed "$regex")" - done - - value="${!var}" - # Skip empty variables from kafka-env.sh - ! is_empty_value "$value" && kafka_server_conf_set "$key" "$value" - done -} - -######################## -# Initialize KRaft storage -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_storage_initialize() { - local args=("--config" "$KAFKA_CONF_FILE" "--ignore-formatted") - info "Initializing KRaft storage metadata" - - # If cluster.id found in meta.properties, use it - if [[ -f "${KAFKA_DATA_DIR}/meta.properties" ]]; then - KAFKA_KRAFT_CLUSTER_ID=$(grep "^cluster.id=" "${KAFKA_DATA_DIR}/meta.properties" | sed -E 's/^cluster\.id=(\S+)$/\1/') - fi - - if is_empty_value "${KAFKA_KRAFT_CLUSTER_ID:-}"; then - warn "KAFKA_KRAFT_CLUSTER_ID not set - If using multiple nodes then you must use the same Cluster ID for each one" - KAFKA_KRAFT_CLUSTER_ID="$("${KAFKA_HOME}/bin/kafka-storage.sh" random-uuid)" - info "Generated Kafka cluster ID '${KAFKA_KRAFT_CLUSTER_ID}'" - fi - args+=("--cluster-id" "$KAFKA_KRAFT_CLUSTER_ID") - - # SCRAM users are configured during the cluster bootstrapping process and can later be manually updated using kafka-config.sh - if is_boolean_yes "${KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS:-}"; then - info "Adding KRaft SCRAM users at storage bootstrap" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - # Configure SCRAM-SHA-256 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-256=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Configure SCRAM-SHA-512 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-512=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - fi - # Add controller credentials - if grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - fi - fi - info "Formatting storage directories to add metadata..." - "${KAFKA_HOME}/bin/kafka-storage.sh" format "${args[@]}" -} - -######################## -# Detects inconsitences between the configuration at KAFKA_CONF_FILE and cluster-state file -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_quorum_voters_changed(){ - read -r -a quorum_voters_conf_ids <<<"$(grep "^controller.quorum.voters=" "$KAFKA_CONF_FILE" | sed "s/^controller.quorum.voters=//" | tr "," " " | sed -E "s/\@\S+//g")" - read -r -a quorum_voters_state_ids <<< "$(grep -Eo "\{\"voterId\":[0-9]+\}" "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" | grep -Eo "[0-9]+" | tr "\n" " ")" - - if [[ "${#quorum_voters_conf_ids[@]}" != "${#quorum_voters_state_ids[@]}" ]]; then - true - else - read -r -a sorted_state <<< "$(echo "${quorum_voters_conf_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - read -r -a sorted_conf <<< "$(echo "${quorum_voters_state_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - if [[ "${sorted_state[*]}" = "${sorted_conf[*]}" ]]; then - false - else - true - fi - fi -} - -######################## -# Initialize Kafka -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_initialize() { - info "Initializing Kafka..." - # Check for mounted configuration files - if ! is_dir_empty "$KAFKA_MOUNTED_CONF_DIR"; then - cp -Lr "$KAFKA_MOUNTED_CONF_DIR"/* "$KAFKA_CONF_DIR" - fi - # Copy truststore to cert directory - for cert_var in KAFKA_TLS_TRUSTSTORE_FILE KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE; do - # Only copy if the file exists and it is in a different location than KAFKA_CERTS_DIR (to avoid copying to the same location) - if [[ -f "${!cert_var}" ]] && ! [[ "${!cert_var}" =~ $KAFKA_CERTS_DIR ]]; then - info "Copying truststore ${!cert_var} to ${KAFKA_CERTS_DIR}" - cp -L "${!cert_var}" "$KAFKA_CERTS_DIR" - fi - done - - if [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" ]]; then - info "No injected configuration files found, creating default config files" - # Restore original server.properties but remove Zookeeper/KRaft specific settings for compatibility with both architectures - cp "${KAFKA_CONF_DIR}/server.properties.original" "$KAFKA_CONF_FILE" - kafka_server_unify_conf - # Configure Kafka settings - kafka_server_conf_set log.dirs "$KAFKA_DATA_DIR" - kafka_configure_from_environment_variables - # Configure Kafka producer/consumer to set up message sizes - ! is_empty_value "${KAFKA_CFG_MAX_REQUEST_SIZE:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" max.request.size "$KAFKA_CFG_MAX_REQUEST_SIZE" - ! is_empty_value "${KAFKA_CFG_MAX_PARTITION_FETCH_BYTES:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" max.partition.fetch.bytes "$KAFKA_CFG_MAX_PARTITION_FETCH_BYTES" - # Zookeeper mode additional settings - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - kafka_zookeeper_configure_tls - fi - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - kafka_zookeeper_configure_jaas - fi - fi - # If at least one listener uses SSL or SASL_SSL, ensure SSL is configured - if kafka_has_ssl_listener; then - kafka_configure_ssl - fi - # If at least one listener uses SASL_PLAINTEXT or SASL_SSL, ensure SASL is configured - if kafka_has_sasl_listener; then - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM ]]; then - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - if [[ "$(kafka_get_version)" =~ ^3\.2\.|^3\.3\.|^3\.4\. ]]; then - # NOTE: This will depend on Kafka version when support for SCRAM is added - warn "KRaft mode requires Kafka version 3.5 or higher for SCRAM to be supported. SCRAM SASL mechanisms will now be disabled." - KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN - else - export KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - export KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - kafka_server_conf_set sasl.enabled.mechanisms "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - # Settings for each Kafka Listener are configured individually - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - listener_upper="$(echo "$listener" | tr '[:lower:]' '[:upper:]')" - env_name="KAFKA_TLS_${listener_upper}_CLIENT_AUTH" - [[ -n "${!env_name:-}" ]] && kafka_server_conf_set "listener.name.${listener_lower}.ssl.client.auth" "${!env_name}" - fi - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - local role="" - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - kafka_server_conf_set sasl.mechanism.inter.broker.protocol "$KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - role="inter-broker" - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - kafka_server_conf_set sasl.mechanism.controller.protocol "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - kafka_server_conf_set "listener.name.${listener_lower}.sasl.enabled.mechanisms" "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - role="controller" - fi - # If KAFKA_CLIENT_LISTENER_NAME is found in the listeners list, configure the producer/consumer accordingly - if [[ "$listener" = "${KAFKA_CLIENT_LISTENER_NAME:-CLIENT}" ]]; then - kafka_configure_consumer_producer_jaas - kafka_producer_consumer_conf_set security.protocol "$protocol" - kafka_producer_consumer_conf_set sasl.mechanism "${KAFKA_CLIENT_SASL_MECHANISM:-$(kafka_client_sasl_mechanism)}" - fi - kafka_configure_server_jaas "$listener_lower" "${role:-}" - fi - done - else - info "Detected mounted server.properties file at ${KAFKA_MOUNTED_CONF_DIR}/server.properties. Skipping configuration based on env variables" - fi - true -} - -######################## -# Returns the most secure SASL mechanism available for Kafka clients -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_client_sasl_mechanism() { - local sasl_mechanism="" - - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-512 ]]; then - sasl_mechanism="SCRAM-SHA-512" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-256 ]]; then - sasl_mechanism="SCRAM-SHA-256" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ PLAIN ]]; then - sasl_mechanism="PLAIN" - fi - echo "$sasl_mechanism" -} - -######################## -# Removes default settings referencing Zookeeper mode or KRaft mode -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_server_unify_conf() { - local -r remove_regexps=( - #Zookeeper - "s/^zookeeper\./#zookeeper./g" - "s/^group\.initial/#group.initial/g" - "s/^broker\./#broker./g" - "s/^node\./#node./g" - "s/^process\./#process./g" - "s/^listeners=/#listeners=/g" - "s/^listener\./#listener./g" - "s/^controller\./#controller./g" - "s/^inter\.broker/#inter.broker/g" - "s/^advertised\.listeners/#advertised.listeners/g" - ) - - # Map environment variables to config properties - for regex in "${remove_regexps[@]}"; do - sed -i "${regex}" "$KAFKA_CONF_FILE" - done -} - -######################## -# Dinamically set node.id/broker.id/controller.quorum.voters if their alternative environment variable _COMMAND is set -# Globals: -# KAFKA_*_COMMAND -# Arguments: -# None -# Returns: -# None -######################### -kafka_dynamic_environment_variables() { - # KRaft mode - if ! is_empty_value "${KAFKA_NODE_ID_COMMAND:-}"; then - KAFKA_CFG_NODE_ID="$(eval "${KAFKA_NODE_ID_COMMAND}")" - export KAFKA_CFG_NODE_ID - fi - if ! is_empty_value "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND:-}"; then - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS="$(eval "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND}")" - export KAFKA_CFG_CONTROLLER_QUORUM_VOTERS - fi - # Zookeeper mode - # DEPRECATED - BROKER_ID_COMMAND has been deprecated, please use KAFKA_BROKER_ID_COMMAND instead - if ! is_empty_value "${KAFKA_BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${KAFKA_BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - elif ! is_empty_value "${BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_custom_init_scripts() { - if [[ -n $(find "${KAFKA_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\)") ]] && [[ ! -f "${KAFKA_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $KAFKA_INITSCRIPTS_DIR" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$KAFKA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is running -######################## -is_kafka_running() { - local pid - pid="$(get_pid_from_file "$KAFKA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is not running -######################## -is_kafka_not_running() { - ! is_kafka_running -} - -######################## -# Stop Kafka -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_stop() { - ! is_kafka_running && return - stop_service_using_pid "$KAFKA_PID_FILE" TERM -} diff --git a/bitnami/kafka/3.2/debian-11/tags-info.yaml b/bitnami/kafka/3.2/debian-11/tags-info.yaml deleted file mode 100644 index bc06a47e9c61..000000000000 --- a/bitnami/kafka/3.2/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "3.2" -- 3.2-debian-11 -- 3.2.3 diff --git a/bitnami/kafka/3.3/debian-11/Dockerfile b/bitnami/kafka/3.3/debian-11/Dockerfile deleted file mode 100644 index 8c7ac68ec000..000000000000 --- a/bitnami/kafka/3.3/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:12:51Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.3.2-debian-11-r267" \ - org.opencontainers.image.title="kafka" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.3.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "kafka-3.3.2-12-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/kafka/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/kafka/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/kafka/postunpack.sh -ENV APP_VERSION="3.3.2" \ - BITNAMI_APP_NAME="kafka" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/kafka/bin:$PATH" - -EXPOSE 9092 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kafka/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kafka/run.sh" ] diff --git a/bitnami/kafka/3.3/debian-11/docker-compose.yml b/bitnami/kafka/3.3/debian-11/docker-compose.yml deleted file mode 100644 index 5f0cce16497c..000000000000 --- a/bitnami/kafka/3.3/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" - -services: - kafka: - image: docker.io/bitnami/kafka:3.3 - ports: - - "9092:9092" - volumes: - - "kafka_data:/bitnami" - environment: - # KRaft settings - - KAFKA_CFG_NODE_ID=0 - - KAFKA_CFG_PROCESS_ROLES=controller,broker - - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 - # Listeners - - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 - - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092 - - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT - - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT -volumes: - kafka_data: - driver: local diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f921f947816f..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "kafka": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.3.2-12" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka/3.3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh deleted file mode 100644 index 9f33fc07871a..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kafka - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kafka}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kafka_env_vars=( - KAFKA_MOUNTED_CONF_DIR - KAFKA_INTER_BROKER_USER - KAFKA_INTER_BROKER_PASSWORD - KAFKA_CONTROLLER_USER - KAFKA_CONTROLLER_PASSWORD - KAFKA_CERTIFICATE_PASSWORD - KAFKA_TLS_TRUSTSTORE_FILE - KAFKA_TLS_TYPE - KAFKA_TLS_CLIENT_AUTH - KAFKA_OPTS - KAFKA_CFG_SASL_ENABLED_MECHANISMS - KAFKA_KRAFT_CLUSTER_ID - KAFKA_SKIP_KRAFT_STORAGE_INIT - KAFKA_CLIENT_LISTENER_NAME - KAFKA_ZOOKEEPER_PROTOCOL - KAFKA_ZOOKEEPER_PASSWORD - KAFKA_ZOOKEEPER_USER - KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE - KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME - KAFKA_ZOOKEEPER_TLS_TYPE - KAFKA_CLIENT_USERS - KAFKA_CLIENT_PASSWORDS - KAFKA_HEAP_OPTS -) -for env_var in "${kafka_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kafka_env_vars - -# Paths -export KAFKA_BASE_DIR="${BITNAMI_ROOT_DIR}/kafka" -export KAFKA_VOLUME_DIR="/bitnami/kafka" -export KAFKA_DATA_DIR="${KAFKA_VOLUME_DIR}/data" -export KAFKA_CONF_DIR="${KAFKA_BASE_DIR}/config" -export KAFKA_CONF_FILE="${KAFKA_CONF_DIR}/server.properties" -export KAFKA_MOUNTED_CONF_DIR="${KAFKA_MOUNTED_CONF_DIR:-${KAFKA_VOLUME_DIR}/config}" -export KAFKA_CERTS_DIR="${KAFKA_CONF_DIR}/certs" -export KAFKA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KAFKA_LOG_DIR="${KAFKA_BASE_DIR}/logs" -export KAFKA_HOME="$KAFKA_BASE_DIR" -export PATH="${KAFKA_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/java/bin:${PATH}" - -# System users (when running with a privileged user) -export KAFKA_DAEMON_USER="kafka" -export KAFKA_DAEMON_GROUP="kafka" - -# Kafka runtime settings -export KAFKA_INTER_BROKER_USER="${KAFKA_INTER_BROKER_USER:-user}" -export KAFKA_INTER_BROKER_PASSWORD="${KAFKA_INTER_BROKER_PASSWORD:-bitnami}" -export KAFKA_CONTROLLER_USER="${KAFKA_CONTROLLER_USER:-controller_user}" -export KAFKA_CONTROLLER_PASSWORD="${KAFKA_CONTROLLER_PASSWORD:-bitnami}" -export KAFKA_CERTIFICATE_PASSWORD="${KAFKA_CERTIFICATE_PASSWORD:-}" -export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_TLS_TYPE="${KAFKA_TLS_TYPE:-JKS}" -export KAFKA_TLS_CLIENT_AUTH="${KAFKA_TLS_CLIENT_AUTH:-required}" -export KAFKA_OPTS="${KAFKA_OPTS:-}" - -# Kafka configuration overrides -export KAFKA_CFG_SASL_ENABLED_MECHANISMS="${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-PLAIN,SCRAM-SHA-256,SCRAM-SHA-512}" -export KAFKA_KRAFT_CLUSTER_ID="${KAFKA_KRAFT_CLUSTER_ID:-}" -export KAFKA_SKIP_KRAFT_STORAGE_INIT="${KAFKA_SKIP_KRAFT_STORAGE_INIT:-false}" -export KAFKA_CLIENT_LISTENER_NAME="${KAFKA_CLIENT_LISTENER_NAME:-}" - -# ZooKeeper connection settings -export KAFKA_ZOOKEEPER_PROTOCOL="${KAFKA_ZOOKEEPER_PROTOCOL:-PLAINTEXT}" -export KAFKA_ZOOKEEPER_PASSWORD="${KAFKA_ZOOKEEPER_PASSWORD:-}" -export KAFKA_ZOOKEEPER_USER="${KAFKA_ZOOKEEPER_USER:-}" -export KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME="${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-true}" -export KAFKA_ZOOKEEPER_TLS_TYPE="${KAFKA_ZOOKEEPER_TLS_TYPE:-JKS}" - -# Authentication -export KAFKA_CLIENT_USERS="${KAFKA_CLIENT_USERS:-user}" -export KAFKA_CLIENT_PASSWORDS="${KAFKA_CLIENT_PASSWORDS:-bitnami}" - -# Java settings -export KAFKA_HEAP_OPTS="${KAFKA_HEAP_OPTS:--Xmx1024m -Xms1024m}" - -# Custom environment variables may be defined below diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh deleted file mode 100755 index deafe6d4660a..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kafka/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Kafka setup **" - /opt/bitnami/scripts/kafka/setup.sh - info "** Kafka setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh deleted file mode 100755 index b6526959daf7..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Move server.properties from configtmp to config -# Temporary solution until kafka tarball places server.properties into config -if [[ -d "${KAFKA_BASE_DIR}/configtmp" ]]; then - mv "${KAFKA_BASE_DIR}/configtmp"/* "$KAFKA_CONF_DIR" - rmdir "${KAFKA_BASE_DIR}/configtmp" -fi -[[ -d "${KAFKA_BASE_DIR}/conf" ]] && rmdir "${KAFKA_BASE_DIR}/conf" - -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$KAFKA_BASE_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR" - -# Move the original server.properties, so users can skip initialization logic by mounting their own server.properties directly instead of using the MOUNTED_CONF_DIR -mv "${KAFKA_CONF_DIR}/server.properties" "${KAFKA_CONF_DIR}/server.properties.original" - -# Disable logging to stdout and garbage collection -# Source: https://logging.apache.org/log4j/log4j-2.4/manual/appenders.html -replace_in_file "${KAFKA_BASE_DIR}/bin/kafka-server-start.sh" " [-]loggc" " " -replace_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DailyRollingFileAppender" "ConsoleAppender" - -# Disable the default console logger in favour of KafkaAppender (which provides the exact output) -echo "log4j.appender.stdout.Threshold=OFF" >>"${KAFKA_CONF_DIR}/log4j.properties" - -# Remove invalid parameters for ConsoleAppender -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DatePattern" -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "Appender.File" diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh deleted file mode 100755 index a82f26867e70..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libos.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -if [[ -f "${KAFKA_CONF_DIR}/kafka_jaas.conf" ]]; then - export KAFKA_OPTS="-Djava.security.auth.login.config=${KAFKA_CONF_DIR}/kafka_jaas.conf" -fi - -cmd="$KAFKA_HOME/bin/kafka-server-start.sh" -args=("$KAFKA_CONF_FILE") -! is_empty_value "${KAFKA_EXTRA_FLAGS:-}" && args=("${args[@]}" "${KAFKA_EXTRA_FLAGS[@]}") - -info "** Starting Kafka **" -if am_i_root; then - exec_as_user "$KAFKA_DAEMON_USER" "$cmd" "${args[@]}" "$@" -else - exec "$cmd" "${args[@]}" "$@" -fi diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh deleted file mode 100755 index a1dcc1d2d162..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Map Kafka environment variables -kafka_create_alias_environment_variables - -# Dinamically set node.id/broker.id/controller.quorum.voters if the _COMMAND environment variable is set -kafka_dynamic_environment_variables - -# Set the default tuststore locations before validation -kafka_configure_default_truststore_locations -# Ensure Kafka user and group exist when running as 'root' -am_i_root && ensure_user_exists "$KAFKA_DAEMON_USER" --group "$KAFKA_DAEMON_GROUP" -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR"; do - if am_i_root; then - ensure_dir_exists "$dir" "$KAFKA_DAEMON_USER" "$KAFKA_DAEMON_GROUP" - else - ensure_dir_exists "$dir" - fi -done - -# Kafka validation, skipped if server.properties was mounted at either $KAFKA_MOUNTED_CONF_DIR or $KAFKA_CONF_DIR -[[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" && ! -f "$KAFKA_CONF_FILE" ]] && kafka_validate -# Kafka initialization, skipped if server.properties was mounted at $KAFKA_CONF_DIR -[[ ! -f "$KAFKA_CONF_FILE" ]] && kafka_initialize - -# Initialise KRaft metadata storage if process.roles configured -if grep -q "^process.roles=" "$KAFKA_CONF_FILE" && ! is_boolean_yes "$KAFKA_SKIP_KRAFT_STORAGE_INIT" ; then - kafka_kraft_storage_initialize -fi -# Configure Zookeeper SCRAM users -if is_boolean_yes "${KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS:-}"; then - kafka_zookeeper_create_sasl_scram_users -fi -# KRaft controllers may get stuck starting when the controller quorum voters are changed. -# Workaround: Remove quorum-state file when scaling up/down controllers (Waiting proposal KIP-853) -# https://cwiki.apache.org/confluence/display/KAFKA/KIP-853%3A+KRaft+Voter+Changes -if [[ -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" ]] && grep -q "^controller.quorum.voters=" "$KAFKA_CONF_FILE" && kafka_kraft_quorum_voters_changed; then - warn "Detected inconsitences between controller.quorum.voters and quorum-state, removing it..." - rm -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" -fi -# Ensure custom initialization scripts are executed -kafka_custom_init_scripts diff --git a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh b/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh deleted file mode 100644 index 0efa81c4b873..000000000000 --- a/bitnami/kafka/3.3/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh +++ /dev/null @@ -1,1175 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kafka library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -kafka_common_conf_set() { - local file="${1:?missing file}" - local key="${2:?missing key}" - shift - shift - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - kafka_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Returns true if at least one listener is configured using SSL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_ssl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SSL: || "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using SASL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_sasl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SASL_PLAINTEXT: ]] || [[ "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using plaintext -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_plaintext_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "PLAINTEXT" ]]; then - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - else - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ PLAINTEXT: ]]; then - return - fi - fi - return 1 -} - -######################## -# Backwards compatibility measure to configure the TLS truststore locations -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_default_truststore_locations() { - # Backwards compatibility measure to allow custom truststore locations but at the same time not disrupt - # the UX that the previous version of the containers and the helm chart have. - # Context: The chart and containers by default assumed that the truststore location was KAFKA_CERTS_DIR/kafka.truststore.jks or KAFKA_MOUNTED_CONF_DIR/certs/kafka.truststore.jks. - # Because of this, we could not use custom certificates in different locations (use case: A custom base image that already has a truststore). Changing the logic to allow custom - # locations implied major changes in the current user experience (which only required to mount certificates at the assumed location). In order to maintain this compatibility we need - # use this logic that sets the KAFKA_TLS_*_FILE variables to the previously assumed locations in case it is not set - - # Kafka truststore - if kafka_has_ssl_listener && is_empty_value "${KAFKA_TLS_TRUSTSTORE_FILE:-}"; then - local kafka_truststore_filename="kafka.truststore.jks" - [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && kafka_truststore_filename="kafka.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${kafka_truststore_filename}" - fi - fi - # Zookeeper truststore - if [[ "${KAFKA_ZOOKEEPER_PROTOCOL:-}" =~ SSL ]] && is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}"; then - local zk_truststore_filename="zookeeper.truststore.jks" - [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && zk_truststore_filename="zookeeper.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${zk_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${zk_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${zk_truststore_filename}" - fi - fi -} - -######################## -# Set a configuration setting value to server.properties -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_server_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_FILE" "$@" -} - -######################## -# Set a configuration setting value to producer.properties and consumer.properties -# Globals: -# KAFKA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_producer_consumer_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" "$@" - kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" "$@" -} - -######################## -# Create alias for environment variable, so both can be used -# Globals: -# None -# Arguments: -# $1 - Alias environment variable name -# $2 - Original environment variable name -# Returns: -# None -######################### -kafka_declare_alias_env() { - local -r alias="${1:?missing environment variable alias}" - local -r original="${2:?missing original environment variable}" - if printenv "${original}" >/dev/null; then - export "$alias"="${!original:-}" - fi -} - -######################## -# Map Kafka legacy environment variables to the new names -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_create_alias_environment_variables() { - suffixes=( - "ADVERTISED_LISTENERS" - "BROKER_ID" - "NODE_ID" - "CONTROLLER_QUORUM_VOTERS" - "PROCESS_ROLES" - "DEFAULT_REPLICATION_FACTOR" - "DELETE_TOPIC_ENABLE" - "INTER_BROKER_LISTENER_NAME" - "LISTENERS" - "LISTENER_SECURITY_PROTOCOL_MAP" - "LOG_DIRS" - "LOG_FLUSH_INTERVAL_MESSAGES" - "LOG_FLUSH_INTERVAL_MS" - "LOG_MESSAGE_FORMAT_VERSION" - "LOG_RETENTION_BYTES" - "LOG_RETENTION_CHECK_INTERVALS_MS" - "LOG_RETENTION_HOURS" - "LOG_SEGMENT_BYTES" - "MESSAGE_MAX_BYTES" - "NUM_IO_THREADS" - "NUM_NETWORK_THREADS" - "NUM_PARTITIONS" - "NUM_RECOVERY_THREADS_PER_DATA_DIR" - "OFFSETS_TOPIC_REPLICATION_FACTOR" - "SOCKET_RECEIVE_BUFFER_BYTES" - "SOCKET_REQUEST_MAX_BYTES" - "SOCKET_SEND_BUFFER_BYTES" - "SSL_ENDPOINT_IDENTIFICATION_ALGORITHM" - "TRANSACTION_STATE_LOG_MIN_ISR" - "TRANSACTION_STATE_LOG_REPLICATION_FACTOR" - "ZOOKEEPER_CONNECT" - "ZOOKEEPER_CONNECTION_TIMEOUT_MS" - ) - kafka_declare_alias_env "KAFKA_CFG_LOG_DIRS" "KAFKA_LOGS_DIRS" - kafka_declare_alias_env "KAFKA_CFG_LOG_SEGMENT_BYTES" "KAFKA_SEGMENT_BYTES" - kafka_declare_alias_env "KAFKA_CFG_MESSAGE_MAX_BYTES" "KAFKA_MAX_MESSAGE_BYTES" - kafka_declare_alias_env "KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS" "KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS" - kafka_declare_alias_env "KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE" "KAFKA_AUTO_CREATE_TOPICS_ENABLE" - kafka_declare_alias_env "KAFKA_CLIENT_USERS" "KAFKA_BROKER_USER" - kafka_declare_alias_env "KAFKA_CLIENT_PASSWORDS" "KAFKA_BROKER_PASSWORD" - kafka_declare_alias_env "KAFKA_CLIENT_LISTENER_NAME" "KAFKA_CLIENT_LISTENER" - for s in "${suffixes[@]}"; do - kafka_declare_alias_env "KAFKA_CFG_${s}" "KAFKA_${s}" - done -} - -######################## -# Validate settings in KAFKA_* env vars -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_validate() { - debug "Validating settings in KAFKA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - # If process.roles configured, check its values are valid and perform additional checks for each - check_kraft_process_roles() { - read -r -a roles_list <<<"$(tr ',;' ' ' <<<"$KAFKA_CFG_PROCESS_ROLES")" - for role in "${roles_list[@]}"; do - case "$role" in - broker) ;; - controller) - if is_empty_value "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-}"; then - print_validation_error "Role 'controller' enabled but environment variable KAFKA_CFG_CONTROLLER_LISTENER_NAMES was not provided." - fi - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ ! "$KAFKA_CFG_LISTENERS" =~ ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} ]]; then - print_validation_error "Role 'controller' enabled but listener ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} not found in KAFKA_CFG_LISTENERS." - fi - ;; - *) - print_validation_error "Invalid KRaft process role '$role'. Supported roles are 'broker,controller'" - ;; - esac - done - } - # Check all listeners are using a unique and valid port - check_listener_ports(){ - check_allowed_port() { - local port="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("$port") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port ${port} was specified in the environment variable KAFKA_CFG_LISTENERS: ${err}." - fi - } - - read -r -a listeners <<<"$(tr ',' ' ' <<<"${KAFKA_CFG_LISTENERS:-}")" - local -a ports=() - for listener in "${listeners[@]}"; do - read -r -a arr <<<"$(tr ':' ' ' <<<"$listener")" - # Obtain the port from listener string, e.g. PLAINTEXT://:9092 - port="${arr[2]}" - check_allowed_port "$port" - ports+=("$port") - done - # Check each listener is using an unique port - local -a unique_ports=() - read -r -a unique_ports <<< "$(echo "${ports[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - if [[ "${#ports[@]}" != "${#unique_ports[@]}" ]]; then - print_validation_error "There are listeners bound to the same port" - fi - } - check_listener_protocols(){ - local -r allowed_protocols=("PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL") - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - # Check protocol in allowed list - if [[ ! "${allowed_protocols[*]}" =~ $protocol ]]; then - print_validation_error "Authentication protocol ${protocol} is not supported!" - fi - # If inter-broker listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL is set - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL:-}"; then - print_validation_error "When using SASL for inter broker comunication the mechanism should be provided using KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - fi - if is_empty_value "${KAFKA_INTER_BROKER_USER:-}" || is_empty_value "${KAFKA_INTER_BROKER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka inter-broker communications, you must provide the SASL credentials. Set the environment variables KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD to configure the credentials for SASL authentication with between brokers." - fi - fi - # If controller listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL is set - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL:-}"; then - print_validation_error "When using SASL for controller comunication the mechanism should be provided at KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - warn "KRaft controller listener may not support SCRAM-SHA-256/SCRAM-SHA-512 mechanisms. If facing any issues, we recommend switching to PLAIN mechanism. More information at: https://issues.apache.org/jira/browse/KAFKA-15513" - fi - if is_empty_value "${KAFKA_CONTROLLER_USER:-}" || is_empty_value "${KAFKA_CONTROLLER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka control plane communications, you must provide the SASL credentials. Set the environment variables KAFKA_CONTROLLER_USER and KAFKA_CONTROLLER_PASSWORD to configure the credentials for SASL authentication with between controllers." - fi - fi - else - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CLIENT_USERS:-}" || is_empty_value "${KAFKA_CLIENT_PASSWORDS:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_CLIENT_USERS and KAFKA_CLIENT_PASSWORDS to configure the credentials for SASL authentication with clients." - fi - fi - - fi - done - } - - if is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}" && is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - print_validation_error "Kafka haven't been configured to work in either Raft or Zookeper mode. Please make sure at least one of the modes is configured." - fi - # Check KRaft mode - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - # Raft - if [[ "$(kafka_get_version)" =~ ^3\.2\. ]]; then - warn "KRaft mode is not production-ready in Kafka 3.2, for production environments, we recommend upgrading " - fi - # Only allow Zookeeper configuration if migration mode is enabled - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}" && - { is_empty_value "${KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE:-}" || ! is_boolean_yes "$KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE"; }; then - print_validation_error "Both KRaft mode and Zookeeper modes are configured, but KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE is not enabled" - fi - if is_empty_value "${KAFKA_CFG_NODE_ID:-}"; then - print_validation_error "KRaft mode requires an unique node.id, please set the environment variable KAFKA_CFG_NODE_ID" - fi - if is_empty_value "${KAFKA_CFG_CONTROLLER_QUORUM_VOTERS:-}"; then - print_validation_error "KRaft mode requires KAFKA_CFG_CONTROLLER_QUORUM_VOTERS to be set" - fi - check_kraft_process_roles - fi - # Check Zookeeper mode - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - # If SSL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]]; then - # Fail if truststore is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with JKS certs you must mount your zookeeper.truststore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if keystore is not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]] && [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.jks" ]]; then - warn "In order to configure the mTLS for Zookeeper with JKS certs you must mount your zookeeper.keystore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]]; then - # Fail if CA / validation cert is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with PEM certs you must mount your zookeeper.truststore.pem cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if node key or cert are not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if { [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.key" ]]; }; then - warn "In order to configure the mTLS for Zookeeper with PEM certs you must mount your zookeeper.keystore.pem cert and zookeeper.keystore.key key to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - fi - # If SASL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - if is_empty_value "${KAFKA_ZOOKEEPER_USER:-}" || is_empty_value "${KAFKA_ZOOKEEPER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_ZOOKEEPER_USER and KAFKA_ZOOKEEPER_PASSWORD, to configure the credentials for SASL authentication with Zookeeper." - fi - fi - # If using plaintext protocol, check it is explicitly allowed - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" = "PLAINTEXT" ]]; then - warn "The KAFKA_ZOOKEEPER_PROTOCOL environment variable does not configure SASL and/or SSL, this setting is not recommended for production environments." - fi - fi - # Check listener ports are unique and allowed - check_listener_ports - # Check listeners are mapped to a valid security protocol - check_listener_protocols - # Warn users if plaintext listeners are configured - if kafka_has_plaintext_listener; then - warn "Kafka has been configured with a PLAINTEXT listener, this setting is not recommended for production environments." - fi - # If SSL/SASL_SSL listeners configured, check certificates are provided - if kafka_has_ssl_listener; then - if [[ "$KAFKA_TLS_TYPE" = "JKS" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with JKS certs you must mount your kafka.keystore.jks and kafka.truststore.jks certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - elif [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with PEM certs you must mount your kafka.keystore.pem, kafka.keystore.key and kafka.truststore.pem certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - # If SASL/SASL_SSL listeners configured, check passwords are provided - if kafka_has_sasl_listener; then - if is_empty_value "${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-}"; then - print_validation_error "Specified SASL protocol but no SASL mechanisms provided in KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - fi - # Check users and passwords lists are the same size - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS:-}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" - if [[ "${#users[@]}" -ne "${#passwords[@]}" ]]; then - print_validation_error "Specify the same number of passwords on KAFKA_CLIENT_PASSWORDS as the number of users on KAFKA_CLIENT_USERS!" - fi - check_multi_value "KAFKA_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_PROTOCOL" "PLAINTEXT SASL SSL SASL_SSL" - check_multi_value "KAFKA_TLS_CLIENT_AUTH" "none requested required" - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Get kafka version -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# version -######################### -kafka_get_version() { - local -a cmd=("kafka-topics.sh" "--version") - am_i_root && cmd=("run_as_user" "$KAFKA_DAEMON_USER" "${cmd[@]}") - - read -r -a ver_split <<< "$("${cmd[@]}")" - echo "${ver_split[0]}" -} - -######################### -# Configure JAAS for a given listener and SASL mechanisms -# Globals: -# KAFKA_* -# Arguments: -# $1 - Name of the listener JAAS will be configured for -# $2 - Comma-separated list of SASL mechanisms to configure -# $3 - Comma-separated list of usernames -# $4 - Comma-separated list of passwords -# Returns: -# None -######################### -kafka_configure_server_jaas() { - local listener="${1:?missing listener name}" - local role="${2:-}" - - if [[ "$role" = "controller" ]]; then - local jaas_content=() - if [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" = "PLAIN" ]]; then - jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\"" - "user_${KAFKA_CONTROLLER_USER}=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - else - read -r -a sasl_mechanisms_arr <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_SASL_ENABLED_MECHANISMS")" - read -r -a users <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_USERS")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_PASSWORDS")" - # Configure JAAS for each SASL mechanism - # ref: https://docs.confluent.io/platform/current/kafka/authentication_sasl/index.html - for sasl_mechanism in "${sasl_mechanisms_arr[@]}"; do - local jaas_content=() - # For PLAIN mechanism, only the first username will be used - if [[ "$sasl_mechanism" = "PLAIN" ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - if [[ "$role" = "inter-broker" ]]; then - jaas_content+=( - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\"" - ) - users+=("$KAFKA_INTER_BROKER_USER") - passwords+=("$KAFKA_INTER_BROKER_PASSWORD") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - jaas_content+=("user_${users[i]}=\"${passwords[i]}\"") - done - # Add semi-colon to the last element of the array - jaas_content[${#jaas_content[@]} - 1]="${jaas_content[${#jaas_content[@]} - 1]};" - elif [[ "$sasl_mechanism" =~ SCRAM ]]; then - if [[ "$role" = "inter-broker" ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\";" - ) - else - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required;") - fi - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$sasl_mechanism" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - done - fi -} - -######################## -# Configure Zookeeper JAAS authentication -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_configure_jaas(){ - local jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_ZOOKEEPER_USER}\"" - "password=\"${KAFKA_ZOOKEEPER_PASSWORD}\";" - ) - - kafka_server_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Generate JAAS authentication file for local producer/consumer to use -# Globals: -# KAFKA_* -# Arguments: -# $1 - Authentication protocol to use for the internal listener -# $2 - Authentication protocol to use for the client listener -# Returns: -# None -######################### -kafka_configure_consumer_producer_jaas(){ - local jaas_content=() - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - - if [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ SCRAM ]]; then - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required") - elif [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ PLAIN ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - else - error "Couldn't configure a supported SASL mechanism for Kafka consumer/producer properties" - exit 1 - fi - - jaas_content+=( - "username=\"${users[0]}\"" - "password=\"${passwords[0]}\";" - ) - - kafka_producer_consumer_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Create users in zookeper when using SASL/SCRAM mechanism -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_create_sasl_scram_users() { - info "Creating users in Zookeeper" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - local zookeeper_connect - zookeeper_connect=$(grep "^zookeeper.connect=" "$KAFKA_CONF_FILE" | sed -E 's/^zookeeper\.connect=(\S+)$/\1/') - read -r -a zookeeper_hosts <<<"$(tr ',;' ' ' <<<"${zookeeper_connect}")" - - if [[ "${#zookeeper_hosts[@]}" -eq 0 ]]; then - error "Couldn't obtain zookeeper.connect from $KAFKA_CONF_FILE" - exit 1 - fi - # Wait for Zookeeper to be reachable - read -r -a aux <<<"$(tr ':' ' ' <<<"${zookeeper_hosts[0]}")" - local host="${aux[0]:?missing host}" - local port="${aux[1]:-2181}" - wait-for-port --host "$host" "$port" - - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM" "$KAFKA_CONF_FILE"; then - users+=("${KAFKA_INTER_BROKER_USER}") - passwords+=("${KAFKA_INTER_BROKER_PASSWORD}") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - debug "Creating user ${users[i]} in zookeeper" - # Ref: https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_scram.html#sasl-scram-overview - debug_execute kafka-configs.sh --zookeeper "$zookeeper_connect" --alter --add-config "SCRAM-SHA-256=[iterations=8192,password=${passwords[i]}],SCRAM-SHA-512=[password=${passwords[i]}]" --entity-type users --entity-name "${users[i]}" - done -} - -######################## -# Configure Kafka SSL settings -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_ssl() { - # Configures both Kafka server and producers/consumers - configure_both() { - kafka_server_conf_set "${1:?missing key}" "${2:?missing value}" - kafka_producer_consumer_conf_set "${1:?missing key}" "${2:?missing value}" - } - kafka_server_conf_set "ssl.client.auth" "${KAFKA_TLS_CLIENT_AUTH}" - configure_both ssl.keystore.type "${KAFKA_TLS_TYPE}" - configure_both ssl.truststore.type "${KAFKA_TLS_TYPE}" - local -r kafka_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_TLS_TRUSTSTORE_FILE}")" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.key.password "$KAFKA_CERTIFICATE_PASSWORD" - if [[ "$KAFKA_TLS_TYPE" = "PEM" ]]; then - file_to_multiline_property() { - awk 'NR > 1{print line"\\n\\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" - } - remove_previous_cert_value() { - local key="${1:?missing key}" - files=( - "${KAFKA_CONF_FILE}" - "${KAFKA_CONF_DIR}/producer.properties" - "${KAFKA_CONF_DIR}/consumer.properties" - ) - for file in "${files[@]}"; do - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Delete all lines from the certificate beginning to its end - sed -i "/^[#\\s]*$key\s*=.*-----BEGIN/,/-----END/d" "$file" - fi - done - } - # We need to remove the previous cert value - # kafka_common_conf_set uses replace_in_file, which can't match multiple lines - remove_previous_cert_value ssl.keystore.key - remove_previous_cert_value ssl.keystore.certificate.chain - remove_previous_cert_value ssl.truststore.certificates - configure_both ssl.keystore.key "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.key")" - configure_both ssl.keystore.certificate.chain "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.pem")" - configure_both ssl.truststore.certificates "$(file_to_multiline_property "${kafka_truststore_location}")" - elif [[ "$KAFKA_TLS_TYPE" = "JKS" ]]; then - configure_both ssl.keystore.location "$KAFKA_CERTS_DIR"/kafka.keystore.jks - configure_both ssl.truststore.location "$kafka_truststore_location" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.keystore.password "$KAFKA_CERTIFICATE_PASSWORD" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.truststore.password "$KAFKA_CERTIFICATE_PASSWORD" - fi - true # Avoid the function to fail due to the check above -} - -######################## -# Get Zookeeper TLS settings -# Globals: -# KAFKA_ZOOKEEPER_TLS_* -# Arguments: -# None -# Returns: -# String -######################### -kafka_zookeeper_configure_tls() { - # Note that ZooKeeper does not support a key password different from the keystore password, - # so be sure to set the key password in the keystore to be identical to the keystore password; - # otherwise the connection attempt to Zookeeper will fail. - local keystore_location="" - local -r kafka_zk_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE}")" - - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]]; then - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; then - # Concatenating private key into public certificate file - # This is needed to load keystore from location using PEM - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keypair.pem" - cat "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" > "$keystore_location" - fi - - kafka_server_conf_set "zookeeper.clientCnxnSocket" "org.apache.zookeeper.ClientCnxnSocketNetty" - kafka_server_conf_set "zookeeper.ssl.client.enable" "true" - is_boolean_yes "${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-}" && kafka_server_conf_set "zookeeper.ssl.endpoint.identification.algorithm" "HTTPS" - ! is_empty_value "${keystore_location:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.location" "${keystore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" - ! is_empty_value "${kafka_zk_truststore_location:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.location" "${kafka_zk_truststore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" - true # Avoid the function to fail due to the check above -} - -######################## -# Configure Kafka configuration files from environment variables -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_from_environment_variables() { - # List of special cases to apply to the variables - local -r exception_regexps=( - "s/sasl\.ssl/sasl_ssl/g" - "s/sasl\.plaintext/sasl_plaintext/g" - ) - # Map environment variables to config properties - for var in "${!KAFKA_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KAFKA_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - - # Exception for the camel case in this environment variable - [[ "$var" == "KAFKA_CFG_ZOOKEEPER_CLIENTCNXNSOCKET" ]] && key="zookeeper.clientCnxnSocket" - - # Apply exception regexps - for regex in "${exception_regexps[@]}"; do - key="$(echo "$key" | sed "$regex")" - done - - value="${!var}" - # Skip empty variables from kafka-env.sh - ! is_empty_value "$value" && kafka_server_conf_set "$key" "$value" - done -} - -######################## -# Initialize KRaft storage -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_storage_initialize() { - local args=("--config" "$KAFKA_CONF_FILE" "--ignore-formatted") - info "Initializing KRaft storage metadata" - - # If cluster.id found in meta.properties, use it - if [[ -f "${KAFKA_DATA_DIR}/meta.properties" ]]; then - KAFKA_KRAFT_CLUSTER_ID=$(grep "^cluster.id=" "${KAFKA_DATA_DIR}/meta.properties" | sed -E 's/^cluster\.id=(\S+)$/\1/') - fi - - if is_empty_value "${KAFKA_KRAFT_CLUSTER_ID:-}"; then - warn "KAFKA_KRAFT_CLUSTER_ID not set - If using multiple nodes then you must use the same Cluster ID for each one" - KAFKA_KRAFT_CLUSTER_ID="$("${KAFKA_HOME}/bin/kafka-storage.sh" random-uuid)" - info "Generated Kafka cluster ID '${KAFKA_KRAFT_CLUSTER_ID}'" - fi - args+=("--cluster-id" "$KAFKA_KRAFT_CLUSTER_ID") - - # SCRAM users are configured during the cluster bootstrapping process and can later be manually updated using kafka-config.sh - if is_boolean_yes "${KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS:-}"; then - info "Adding KRaft SCRAM users at storage bootstrap" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - # Configure SCRAM-SHA-256 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-256=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Configure SCRAM-SHA-512 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-512=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - fi - # Add controller credentials - if grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - fi - fi - info "Formatting storage directories to add metadata..." - "${KAFKA_HOME}/bin/kafka-storage.sh" format "${args[@]}" -} - -######################## -# Detects inconsitences between the configuration at KAFKA_CONF_FILE and cluster-state file -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_quorum_voters_changed(){ - read -r -a quorum_voters_conf_ids <<<"$(grep "^controller.quorum.voters=" "$KAFKA_CONF_FILE" | sed "s/^controller.quorum.voters=//" | tr "," " " | sed -E "s/\@\S+//g")" - read -r -a quorum_voters_state_ids <<< "$(grep -Eo "\{\"voterId\":[0-9]+\}" "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" | grep -Eo "[0-9]+" | tr "\n" " ")" - - if [[ "${#quorum_voters_conf_ids[@]}" != "${#quorum_voters_state_ids[@]}" ]]; then - true - else - read -r -a sorted_state <<< "$(echo "${quorum_voters_conf_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - read -r -a sorted_conf <<< "$(echo "${quorum_voters_state_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - if [[ "${sorted_state[*]}" = "${sorted_conf[*]}" ]]; then - false - else - true - fi - fi -} - -######################## -# Initialize Kafka -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_initialize() { - info "Initializing Kafka..." - # Check for mounted configuration files - if ! is_dir_empty "$KAFKA_MOUNTED_CONF_DIR"; then - cp -Lr "$KAFKA_MOUNTED_CONF_DIR"/* "$KAFKA_CONF_DIR" - fi - # Copy truststore to cert directory - for cert_var in KAFKA_TLS_TRUSTSTORE_FILE KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE; do - # Only copy if the file exists and it is in a different location than KAFKA_CERTS_DIR (to avoid copying to the same location) - if [[ -f "${!cert_var}" ]] && ! [[ "${!cert_var}" =~ $KAFKA_CERTS_DIR ]]; then - info "Copying truststore ${!cert_var} to ${KAFKA_CERTS_DIR}" - cp -L "${!cert_var}" "$KAFKA_CERTS_DIR" - fi - done - - if [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" ]]; then - info "No injected configuration files found, creating default config files" - # Restore original server.properties but remove Zookeeper/KRaft specific settings for compatibility with both architectures - cp "${KAFKA_CONF_DIR}/server.properties.original" "$KAFKA_CONF_FILE" - kafka_server_unify_conf - # Configure Kafka settings - kafka_server_conf_set log.dirs "$KAFKA_DATA_DIR" - kafka_configure_from_environment_variables - # Configure Kafka producer/consumer to set up message sizes - ! is_empty_value "${KAFKA_CFG_MAX_REQUEST_SIZE:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" max.request.size "$KAFKA_CFG_MAX_REQUEST_SIZE" - ! is_empty_value "${KAFKA_CFG_MAX_PARTITION_FETCH_BYTES:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" max.partition.fetch.bytes "$KAFKA_CFG_MAX_PARTITION_FETCH_BYTES" - # Zookeeper mode additional settings - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - kafka_zookeeper_configure_tls - fi - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - kafka_zookeeper_configure_jaas - fi - fi - # If at least one listener uses SSL or SASL_SSL, ensure SSL is configured - if kafka_has_ssl_listener; then - kafka_configure_ssl - fi - # If at least one listener uses SASL_PLAINTEXT or SASL_SSL, ensure SASL is configured - if kafka_has_sasl_listener; then - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM ]]; then - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - if [[ "$(kafka_get_version)" =~ ^3\.2\.|^3\.3\.|^3\.4\. ]]; then - # NOTE: This will depend on Kafka version when support for SCRAM is added - warn "KRaft mode requires Kafka version 3.5 or higher for SCRAM to be supported. SCRAM SASL mechanisms will now be disabled." - KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN - else - export KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - export KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - kafka_server_conf_set sasl.enabled.mechanisms "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - # Settings for each Kafka Listener are configured individually - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - listener_upper="$(echo "$listener" | tr '[:lower:]' '[:upper:]')" - env_name="KAFKA_TLS_${listener_upper}_CLIENT_AUTH" - [[ -n "${!env_name:-}" ]] && kafka_server_conf_set "listener.name.${listener_lower}.ssl.client.auth" "${!env_name}" - fi - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - local role="" - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - kafka_server_conf_set sasl.mechanism.inter.broker.protocol "$KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - role="inter-broker" - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - kafka_server_conf_set sasl.mechanism.controller.protocol "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - kafka_server_conf_set "listener.name.${listener_lower}.sasl.enabled.mechanisms" "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - role="controller" - fi - # If KAFKA_CLIENT_LISTENER_NAME is found in the listeners list, configure the producer/consumer accordingly - if [[ "$listener" = "${KAFKA_CLIENT_LISTENER_NAME:-CLIENT}" ]]; then - kafka_configure_consumer_producer_jaas - kafka_producer_consumer_conf_set security.protocol "$protocol" - kafka_producer_consumer_conf_set sasl.mechanism "${KAFKA_CLIENT_SASL_MECHANISM:-$(kafka_client_sasl_mechanism)}" - fi - kafka_configure_server_jaas "$listener_lower" "${role:-}" - fi - done - else - info "Detected mounted server.properties file at ${KAFKA_MOUNTED_CONF_DIR}/server.properties. Skipping configuration based on env variables" - fi - true -} - -######################## -# Returns the most secure SASL mechanism available for Kafka clients -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_client_sasl_mechanism() { - local sasl_mechanism="" - - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-512 ]]; then - sasl_mechanism="SCRAM-SHA-512" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-256 ]]; then - sasl_mechanism="SCRAM-SHA-256" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ PLAIN ]]; then - sasl_mechanism="PLAIN" - fi - echo "$sasl_mechanism" -} - -######################## -# Removes default settings referencing Zookeeper mode or KRaft mode -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_server_unify_conf() { - local -r remove_regexps=( - #Zookeeper - "s/^zookeeper\./#zookeeper./g" - "s/^group\.initial/#group.initial/g" - "s/^broker\./#broker./g" - "s/^node\./#node./g" - "s/^process\./#process./g" - "s/^listeners=/#listeners=/g" - "s/^listener\./#listener./g" - "s/^controller\./#controller./g" - "s/^inter\.broker/#inter.broker/g" - "s/^advertised\.listeners/#advertised.listeners/g" - ) - - # Map environment variables to config properties - for regex in "${remove_regexps[@]}"; do - sed -i "${regex}" "$KAFKA_CONF_FILE" - done -} - -######################## -# Dinamically set node.id/broker.id/controller.quorum.voters if their alternative environment variable _COMMAND is set -# Globals: -# KAFKA_*_COMMAND -# Arguments: -# None -# Returns: -# None -######################### -kafka_dynamic_environment_variables() { - # KRaft mode - if ! is_empty_value "${KAFKA_NODE_ID_COMMAND:-}"; then - KAFKA_CFG_NODE_ID="$(eval "${KAFKA_NODE_ID_COMMAND}")" - export KAFKA_CFG_NODE_ID - fi - if ! is_empty_value "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND:-}"; then - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS="$(eval "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND}")" - export KAFKA_CFG_CONTROLLER_QUORUM_VOTERS - fi - # Zookeeper mode - # DEPRECATED - BROKER_ID_COMMAND has been deprecated, please use KAFKA_BROKER_ID_COMMAND instead - if ! is_empty_value "${KAFKA_BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${KAFKA_BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - elif ! is_empty_value "${BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_custom_init_scripts() { - if [[ -n $(find "${KAFKA_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\)") ]] && [[ ! -f "${KAFKA_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $KAFKA_INITSCRIPTS_DIR" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$KAFKA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is running -######################## -is_kafka_running() { - local pid - pid="$(get_pid_from_file "$KAFKA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is not running -######################## -is_kafka_not_running() { - ! is_kafka_running -} - -######################## -# Stop Kafka -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_stop() { - ! is_kafka_running && return - stop_service_using_pid "$KAFKA_PID_FILE" TERM -} diff --git a/bitnami/kafka/3.3/debian-11/tags-info.yaml b/bitnami/kafka/3.3/debian-11/tags-info.yaml deleted file mode 100644 index 4255858f7360..000000000000 --- a/bitnami/kafka/3.3/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "3.3" -- 3.3-debian-11 -- 3.3.2 diff --git a/bitnami/kafka/3.4/debian-11/Dockerfile b/bitnami/kafka/3.4/debian-11/Dockerfile deleted file mode 100644 index a9cc0ed1dabf..000000000000 --- a/bitnami/kafka/3.4/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:20:56Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.4.1-debian-11-r140" \ - org.opencontainers.image.title="kafka" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.4.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "kafka-3.4.1-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/kafka/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/kafka/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/kafka/postunpack.sh -ENV APP_VERSION="3.4.1" \ - BITNAMI_APP_NAME="kafka" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/kafka/bin:$PATH" - -EXPOSE 9092 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kafka/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kafka/run.sh" ] diff --git a/bitnami/kafka/3.4/debian-11/docker-compose.yml b/bitnami/kafka/3.4/debian-11/docker-compose.yml deleted file mode 100644 index 60699cb7413f..000000000000 --- a/bitnami/kafka/3.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" - -services: - kafka: - image: docker.io/bitnami/kafka:3.4 - ports: - - "9092:9092" - volumes: - - "kafka_data:/bitnami" - environment: - # KRaft settings - - KAFKA_CFG_NODE_ID=0 - - KAFKA_CFG_PROCESS_ROLES=controller,broker - - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 - # Listeners - - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 - - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092 - - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT - - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT -volumes: - kafka_data: - driver: local diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 30255f597897..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "kafka": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.4.1-6" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka/3.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh deleted file mode 100644 index 9f33fc07871a..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kafka - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kafka}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kafka_env_vars=( - KAFKA_MOUNTED_CONF_DIR - KAFKA_INTER_BROKER_USER - KAFKA_INTER_BROKER_PASSWORD - KAFKA_CONTROLLER_USER - KAFKA_CONTROLLER_PASSWORD - KAFKA_CERTIFICATE_PASSWORD - KAFKA_TLS_TRUSTSTORE_FILE - KAFKA_TLS_TYPE - KAFKA_TLS_CLIENT_AUTH - KAFKA_OPTS - KAFKA_CFG_SASL_ENABLED_MECHANISMS - KAFKA_KRAFT_CLUSTER_ID - KAFKA_SKIP_KRAFT_STORAGE_INIT - KAFKA_CLIENT_LISTENER_NAME - KAFKA_ZOOKEEPER_PROTOCOL - KAFKA_ZOOKEEPER_PASSWORD - KAFKA_ZOOKEEPER_USER - KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE - KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME - KAFKA_ZOOKEEPER_TLS_TYPE - KAFKA_CLIENT_USERS - KAFKA_CLIENT_PASSWORDS - KAFKA_HEAP_OPTS -) -for env_var in "${kafka_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kafka_env_vars - -# Paths -export KAFKA_BASE_DIR="${BITNAMI_ROOT_DIR}/kafka" -export KAFKA_VOLUME_DIR="/bitnami/kafka" -export KAFKA_DATA_DIR="${KAFKA_VOLUME_DIR}/data" -export KAFKA_CONF_DIR="${KAFKA_BASE_DIR}/config" -export KAFKA_CONF_FILE="${KAFKA_CONF_DIR}/server.properties" -export KAFKA_MOUNTED_CONF_DIR="${KAFKA_MOUNTED_CONF_DIR:-${KAFKA_VOLUME_DIR}/config}" -export KAFKA_CERTS_DIR="${KAFKA_CONF_DIR}/certs" -export KAFKA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KAFKA_LOG_DIR="${KAFKA_BASE_DIR}/logs" -export KAFKA_HOME="$KAFKA_BASE_DIR" -export PATH="${KAFKA_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/java/bin:${PATH}" - -# System users (when running with a privileged user) -export KAFKA_DAEMON_USER="kafka" -export KAFKA_DAEMON_GROUP="kafka" - -# Kafka runtime settings -export KAFKA_INTER_BROKER_USER="${KAFKA_INTER_BROKER_USER:-user}" -export KAFKA_INTER_BROKER_PASSWORD="${KAFKA_INTER_BROKER_PASSWORD:-bitnami}" -export KAFKA_CONTROLLER_USER="${KAFKA_CONTROLLER_USER:-controller_user}" -export KAFKA_CONTROLLER_PASSWORD="${KAFKA_CONTROLLER_PASSWORD:-bitnami}" -export KAFKA_CERTIFICATE_PASSWORD="${KAFKA_CERTIFICATE_PASSWORD:-}" -export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_TLS_TYPE="${KAFKA_TLS_TYPE:-JKS}" -export KAFKA_TLS_CLIENT_AUTH="${KAFKA_TLS_CLIENT_AUTH:-required}" -export KAFKA_OPTS="${KAFKA_OPTS:-}" - -# Kafka configuration overrides -export KAFKA_CFG_SASL_ENABLED_MECHANISMS="${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-PLAIN,SCRAM-SHA-256,SCRAM-SHA-512}" -export KAFKA_KRAFT_CLUSTER_ID="${KAFKA_KRAFT_CLUSTER_ID:-}" -export KAFKA_SKIP_KRAFT_STORAGE_INIT="${KAFKA_SKIP_KRAFT_STORAGE_INIT:-false}" -export KAFKA_CLIENT_LISTENER_NAME="${KAFKA_CLIENT_LISTENER_NAME:-}" - -# ZooKeeper connection settings -export KAFKA_ZOOKEEPER_PROTOCOL="${KAFKA_ZOOKEEPER_PROTOCOL:-PLAINTEXT}" -export KAFKA_ZOOKEEPER_PASSWORD="${KAFKA_ZOOKEEPER_PASSWORD:-}" -export KAFKA_ZOOKEEPER_USER="${KAFKA_ZOOKEEPER_USER:-}" -export KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME="${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-true}" -export KAFKA_ZOOKEEPER_TLS_TYPE="${KAFKA_ZOOKEEPER_TLS_TYPE:-JKS}" - -# Authentication -export KAFKA_CLIENT_USERS="${KAFKA_CLIENT_USERS:-user}" -export KAFKA_CLIENT_PASSWORDS="${KAFKA_CLIENT_PASSWORDS:-bitnami}" - -# Java settings -export KAFKA_HEAP_OPTS="${KAFKA_HEAP_OPTS:--Xmx1024m -Xms1024m}" - -# Custom environment variables may be defined below diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh deleted file mode 100755 index deafe6d4660a..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kafka/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Kafka setup **" - /opt/bitnami/scripts/kafka/setup.sh - info "** Kafka setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh deleted file mode 100755 index b6526959daf7..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Move server.properties from configtmp to config -# Temporary solution until kafka tarball places server.properties into config -if [[ -d "${KAFKA_BASE_DIR}/configtmp" ]]; then - mv "${KAFKA_BASE_DIR}/configtmp"/* "$KAFKA_CONF_DIR" - rmdir "${KAFKA_BASE_DIR}/configtmp" -fi -[[ -d "${KAFKA_BASE_DIR}/conf" ]] && rmdir "${KAFKA_BASE_DIR}/conf" - -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$KAFKA_BASE_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR" - -# Move the original server.properties, so users can skip initialization logic by mounting their own server.properties directly instead of using the MOUNTED_CONF_DIR -mv "${KAFKA_CONF_DIR}/server.properties" "${KAFKA_CONF_DIR}/server.properties.original" - -# Disable logging to stdout and garbage collection -# Source: https://logging.apache.org/log4j/log4j-2.4/manual/appenders.html -replace_in_file "${KAFKA_BASE_DIR}/bin/kafka-server-start.sh" " [-]loggc" " " -replace_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DailyRollingFileAppender" "ConsoleAppender" - -# Disable the default console logger in favour of KafkaAppender (which provides the exact output) -echo "log4j.appender.stdout.Threshold=OFF" >>"${KAFKA_CONF_DIR}/log4j.properties" - -# Remove invalid parameters for ConsoleAppender -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DatePattern" -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "Appender.File" diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh deleted file mode 100755 index a82f26867e70..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libos.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -if [[ -f "${KAFKA_CONF_DIR}/kafka_jaas.conf" ]]; then - export KAFKA_OPTS="-Djava.security.auth.login.config=${KAFKA_CONF_DIR}/kafka_jaas.conf" -fi - -cmd="$KAFKA_HOME/bin/kafka-server-start.sh" -args=("$KAFKA_CONF_FILE") -! is_empty_value "${KAFKA_EXTRA_FLAGS:-}" && args=("${args[@]}" "${KAFKA_EXTRA_FLAGS[@]}") - -info "** Starting Kafka **" -if am_i_root; then - exec_as_user "$KAFKA_DAEMON_USER" "$cmd" "${args[@]}" "$@" -else - exec "$cmd" "${args[@]}" "$@" -fi diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh deleted file mode 100755 index a1dcc1d2d162..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Map Kafka environment variables -kafka_create_alias_environment_variables - -# Dinamically set node.id/broker.id/controller.quorum.voters if the _COMMAND environment variable is set -kafka_dynamic_environment_variables - -# Set the default tuststore locations before validation -kafka_configure_default_truststore_locations -# Ensure Kafka user and group exist when running as 'root' -am_i_root && ensure_user_exists "$KAFKA_DAEMON_USER" --group "$KAFKA_DAEMON_GROUP" -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR"; do - if am_i_root; then - ensure_dir_exists "$dir" "$KAFKA_DAEMON_USER" "$KAFKA_DAEMON_GROUP" - else - ensure_dir_exists "$dir" - fi -done - -# Kafka validation, skipped if server.properties was mounted at either $KAFKA_MOUNTED_CONF_DIR or $KAFKA_CONF_DIR -[[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" && ! -f "$KAFKA_CONF_FILE" ]] && kafka_validate -# Kafka initialization, skipped if server.properties was mounted at $KAFKA_CONF_DIR -[[ ! -f "$KAFKA_CONF_FILE" ]] && kafka_initialize - -# Initialise KRaft metadata storage if process.roles configured -if grep -q "^process.roles=" "$KAFKA_CONF_FILE" && ! is_boolean_yes "$KAFKA_SKIP_KRAFT_STORAGE_INIT" ; then - kafka_kraft_storage_initialize -fi -# Configure Zookeeper SCRAM users -if is_boolean_yes "${KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS:-}"; then - kafka_zookeeper_create_sasl_scram_users -fi -# KRaft controllers may get stuck starting when the controller quorum voters are changed. -# Workaround: Remove quorum-state file when scaling up/down controllers (Waiting proposal KIP-853) -# https://cwiki.apache.org/confluence/display/KAFKA/KIP-853%3A+KRaft+Voter+Changes -if [[ -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" ]] && grep -q "^controller.quorum.voters=" "$KAFKA_CONF_FILE" && kafka_kraft_quorum_voters_changed; then - warn "Detected inconsitences between controller.quorum.voters and quorum-state, removing it..." - rm -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" -fi -# Ensure custom initialization scripts are executed -kafka_custom_init_scripts diff --git a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh b/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh deleted file mode 100644 index 0efa81c4b873..000000000000 --- a/bitnami/kafka/3.4/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh +++ /dev/null @@ -1,1175 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kafka library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -kafka_common_conf_set() { - local file="${1:?missing file}" - local key="${2:?missing key}" - shift - shift - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - kafka_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Returns true if at least one listener is configured using SSL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_ssl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SSL: || "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using SASL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_sasl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SASL_PLAINTEXT: ]] || [[ "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using plaintext -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_plaintext_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "PLAINTEXT" ]]; then - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - else - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ PLAINTEXT: ]]; then - return - fi - fi - return 1 -} - -######################## -# Backwards compatibility measure to configure the TLS truststore locations -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_default_truststore_locations() { - # Backwards compatibility measure to allow custom truststore locations but at the same time not disrupt - # the UX that the previous version of the containers and the helm chart have. - # Context: The chart and containers by default assumed that the truststore location was KAFKA_CERTS_DIR/kafka.truststore.jks or KAFKA_MOUNTED_CONF_DIR/certs/kafka.truststore.jks. - # Because of this, we could not use custom certificates in different locations (use case: A custom base image that already has a truststore). Changing the logic to allow custom - # locations implied major changes in the current user experience (which only required to mount certificates at the assumed location). In order to maintain this compatibility we need - # use this logic that sets the KAFKA_TLS_*_FILE variables to the previously assumed locations in case it is not set - - # Kafka truststore - if kafka_has_ssl_listener && is_empty_value "${KAFKA_TLS_TRUSTSTORE_FILE:-}"; then - local kafka_truststore_filename="kafka.truststore.jks" - [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && kafka_truststore_filename="kafka.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${kafka_truststore_filename}" - fi - fi - # Zookeeper truststore - if [[ "${KAFKA_ZOOKEEPER_PROTOCOL:-}" =~ SSL ]] && is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}"; then - local zk_truststore_filename="zookeeper.truststore.jks" - [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && zk_truststore_filename="zookeeper.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${zk_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${zk_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${zk_truststore_filename}" - fi - fi -} - -######################## -# Set a configuration setting value to server.properties -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_server_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_FILE" "$@" -} - -######################## -# Set a configuration setting value to producer.properties and consumer.properties -# Globals: -# KAFKA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_producer_consumer_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" "$@" - kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" "$@" -} - -######################## -# Create alias for environment variable, so both can be used -# Globals: -# None -# Arguments: -# $1 - Alias environment variable name -# $2 - Original environment variable name -# Returns: -# None -######################### -kafka_declare_alias_env() { - local -r alias="${1:?missing environment variable alias}" - local -r original="${2:?missing original environment variable}" - if printenv "${original}" >/dev/null; then - export "$alias"="${!original:-}" - fi -} - -######################## -# Map Kafka legacy environment variables to the new names -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_create_alias_environment_variables() { - suffixes=( - "ADVERTISED_LISTENERS" - "BROKER_ID" - "NODE_ID" - "CONTROLLER_QUORUM_VOTERS" - "PROCESS_ROLES" - "DEFAULT_REPLICATION_FACTOR" - "DELETE_TOPIC_ENABLE" - "INTER_BROKER_LISTENER_NAME" - "LISTENERS" - "LISTENER_SECURITY_PROTOCOL_MAP" - "LOG_DIRS" - "LOG_FLUSH_INTERVAL_MESSAGES" - "LOG_FLUSH_INTERVAL_MS" - "LOG_MESSAGE_FORMAT_VERSION" - "LOG_RETENTION_BYTES" - "LOG_RETENTION_CHECK_INTERVALS_MS" - "LOG_RETENTION_HOURS" - "LOG_SEGMENT_BYTES" - "MESSAGE_MAX_BYTES" - "NUM_IO_THREADS" - "NUM_NETWORK_THREADS" - "NUM_PARTITIONS" - "NUM_RECOVERY_THREADS_PER_DATA_DIR" - "OFFSETS_TOPIC_REPLICATION_FACTOR" - "SOCKET_RECEIVE_BUFFER_BYTES" - "SOCKET_REQUEST_MAX_BYTES" - "SOCKET_SEND_BUFFER_BYTES" - "SSL_ENDPOINT_IDENTIFICATION_ALGORITHM" - "TRANSACTION_STATE_LOG_MIN_ISR" - "TRANSACTION_STATE_LOG_REPLICATION_FACTOR" - "ZOOKEEPER_CONNECT" - "ZOOKEEPER_CONNECTION_TIMEOUT_MS" - ) - kafka_declare_alias_env "KAFKA_CFG_LOG_DIRS" "KAFKA_LOGS_DIRS" - kafka_declare_alias_env "KAFKA_CFG_LOG_SEGMENT_BYTES" "KAFKA_SEGMENT_BYTES" - kafka_declare_alias_env "KAFKA_CFG_MESSAGE_MAX_BYTES" "KAFKA_MAX_MESSAGE_BYTES" - kafka_declare_alias_env "KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS" "KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS" - kafka_declare_alias_env "KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE" "KAFKA_AUTO_CREATE_TOPICS_ENABLE" - kafka_declare_alias_env "KAFKA_CLIENT_USERS" "KAFKA_BROKER_USER" - kafka_declare_alias_env "KAFKA_CLIENT_PASSWORDS" "KAFKA_BROKER_PASSWORD" - kafka_declare_alias_env "KAFKA_CLIENT_LISTENER_NAME" "KAFKA_CLIENT_LISTENER" - for s in "${suffixes[@]}"; do - kafka_declare_alias_env "KAFKA_CFG_${s}" "KAFKA_${s}" - done -} - -######################## -# Validate settings in KAFKA_* env vars -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_validate() { - debug "Validating settings in KAFKA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - # If process.roles configured, check its values are valid and perform additional checks for each - check_kraft_process_roles() { - read -r -a roles_list <<<"$(tr ',;' ' ' <<<"$KAFKA_CFG_PROCESS_ROLES")" - for role in "${roles_list[@]}"; do - case "$role" in - broker) ;; - controller) - if is_empty_value "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-}"; then - print_validation_error "Role 'controller' enabled but environment variable KAFKA_CFG_CONTROLLER_LISTENER_NAMES was not provided." - fi - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ ! "$KAFKA_CFG_LISTENERS" =~ ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} ]]; then - print_validation_error "Role 'controller' enabled but listener ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} not found in KAFKA_CFG_LISTENERS." - fi - ;; - *) - print_validation_error "Invalid KRaft process role '$role'. Supported roles are 'broker,controller'" - ;; - esac - done - } - # Check all listeners are using a unique and valid port - check_listener_ports(){ - check_allowed_port() { - local port="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("$port") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port ${port} was specified in the environment variable KAFKA_CFG_LISTENERS: ${err}." - fi - } - - read -r -a listeners <<<"$(tr ',' ' ' <<<"${KAFKA_CFG_LISTENERS:-}")" - local -a ports=() - for listener in "${listeners[@]}"; do - read -r -a arr <<<"$(tr ':' ' ' <<<"$listener")" - # Obtain the port from listener string, e.g. PLAINTEXT://:9092 - port="${arr[2]}" - check_allowed_port "$port" - ports+=("$port") - done - # Check each listener is using an unique port - local -a unique_ports=() - read -r -a unique_ports <<< "$(echo "${ports[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - if [[ "${#ports[@]}" != "${#unique_ports[@]}" ]]; then - print_validation_error "There are listeners bound to the same port" - fi - } - check_listener_protocols(){ - local -r allowed_protocols=("PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL") - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - # Check protocol in allowed list - if [[ ! "${allowed_protocols[*]}" =~ $protocol ]]; then - print_validation_error "Authentication protocol ${protocol} is not supported!" - fi - # If inter-broker listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL is set - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL:-}"; then - print_validation_error "When using SASL for inter broker comunication the mechanism should be provided using KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - fi - if is_empty_value "${KAFKA_INTER_BROKER_USER:-}" || is_empty_value "${KAFKA_INTER_BROKER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka inter-broker communications, you must provide the SASL credentials. Set the environment variables KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD to configure the credentials for SASL authentication with between brokers." - fi - fi - # If controller listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL is set - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL:-}"; then - print_validation_error "When using SASL for controller comunication the mechanism should be provided at KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - warn "KRaft controller listener may not support SCRAM-SHA-256/SCRAM-SHA-512 mechanisms. If facing any issues, we recommend switching to PLAIN mechanism. More information at: https://issues.apache.org/jira/browse/KAFKA-15513" - fi - if is_empty_value "${KAFKA_CONTROLLER_USER:-}" || is_empty_value "${KAFKA_CONTROLLER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka control plane communications, you must provide the SASL credentials. Set the environment variables KAFKA_CONTROLLER_USER and KAFKA_CONTROLLER_PASSWORD to configure the credentials for SASL authentication with between controllers." - fi - fi - else - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CLIENT_USERS:-}" || is_empty_value "${KAFKA_CLIENT_PASSWORDS:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_CLIENT_USERS and KAFKA_CLIENT_PASSWORDS to configure the credentials for SASL authentication with clients." - fi - fi - - fi - done - } - - if is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}" && is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - print_validation_error "Kafka haven't been configured to work in either Raft or Zookeper mode. Please make sure at least one of the modes is configured." - fi - # Check KRaft mode - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - # Raft - if [[ "$(kafka_get_version)" =~ ^3\.2\. ]]; then - warn "KRaft mode is not production-ready in Kafka 3.2, for production environments, we recommend upgrading " - fi - # Only allow Zookeeper configuration if migration mode is enabled - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}" && - { is_empty_value "${KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE:-}" || ! is_boolean_yes "$KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE"; }; then - print_validation_error "Both KRaft mode and Zookeeper modes are configured, but KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE is not enabled" - fi - if is_empty_value "${KAFKA_CFG_NODE_ID:-}"; then - print_validation_error "KRaft mode requires an unique node.id, please set the environment variable KAFKA_CFG_NODE_ID" - fi - if is_empty_value "${KAFKA_CFG_CONTROLLER_QUORUM_VOTERS:-}"; then - print_validation_error "KRaft mode requires KAFKA_CFG_CONTROLLER_QUORUM_VOTERS to be set" - fi - check_kraft_process_roles - fi - # Check Zookeeper mode - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - # If SSL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]]; then - # Fail if truststore is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with JKS certs you must mount your zookeeper.truststore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if keystore is not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]] && [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.jks" ]]; then - warn "In order to configure the mTLS for Zookeeper with JKS certs you must mount your zookeeper.keystore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]]; then - # Fail if CA / validation cert is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with PEM certs you must mount your zookeeper.truststore.pem cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if node key or cert are not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if { [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.key" ]]; }; then - warn "In order to configure the mTLS for Zookeeper with PEM certs you must mount your zookeeper.keystore.pem cert and zookeeper.keystore.key key to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - fi - # If SASL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - if is_empty_value "${KAFKA_ZOOKEEPER_USER:-}" || is_empty_value "${KAFKA_ZOOKEEPER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_ZOOKEEPER_USER and KAFKA_ZOOKEEPER_PASSWORD, to configure the credentials for SASL authentication with Zookeeper." - fi - fi - # If using plaintext protocol, check it is explicitly allowed - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" = "PLAINTEXT" ]]; then - warn "The KAFKA_ZOOKEEPER_PROTOCOL environment variable does not configure SASL and/or SSL, this setting is not recommended for production environments." - fi - fi - # Check listener ports are unique and allowed - check_listener_ports - # Check listeners are mapped to a valid security protocol - check_listener_protocols - # Warn users if plaintext listeners are configured - if kafka_has_plaintext_listener; then - warn "Kafka has been configured with a PLAINTEXT listener, this setting is not recommended for production environments." - fi - # If SSL/SASL_SSL listeners configured, check certificates are provided - if kafka_has_ssl_listener; then - if [[ "$KAFKA_TLS_TYPE" = "JKS" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with JKS certs you must mount your kafka.keystore.jks and kafka.truststore.jks certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - elif [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with PEM certs you must mount your kafka.keystore.pem, kafka.keystore.key and kafka.truststore.pem certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - # If SASL/SASL_SSL listeners configured, check passwords are provided - if kafka_has_sasl_listener; then - if is_empty_value "${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-}"; then - print_validation_error "Specified SASL protocol but no SASL mechanisms provided in KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - fi - # Check users and passwords lists are the same size - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS:-}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" - if [[ "${#users[@]}" -ne "${#passwords[@]}" ]]; then - print_validation_error "Specify the same number of passwords on KAFKA_CLIENT_PASSWORDS as the number of users on KAFKA_CLIENT_USERS!" - fi - check_multi_value "KAFKA_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_PROTOCOL" "PLAINTEXT SASL SSL SASL_SSL" - check_multi_value "KAFKA_TLS_CLIENT_AUTH" "none requested required" - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Get kafka version -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# version -######################### -kafka_get_version() { - local -a cmd=("kafka-topics.sh" "--version") - am_i_root && cmd=("run_as_user" "$KAFKA_DAEMON_USER" "${cmd[@]}") - - read -r -a ver_split <<< "$("${cmd[@]}")" - echo "${ver_split[0]}" -} - -######################### -# Configure JAAS for a given listener and SASL mechanisms -# Globals: -# KAFKA_* -# Arguments: -# $1 - Name of the listener JAAS will be configured for -# $2 - Comma-separated list of SASL mechanisms to configure -# $3 - Comma-separated list of usernames -# $4 - Comma-separated list of passwords -# Returns: -# None -######################### -kafka_configure_server_jaas() { - local listener="${1:?missing listener name}" - local role="${2:-}" - - if [[ "$role" = "controller" ]]; then - local jaas_content=() - if [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" = "PLAIN" ]]; then - jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\"" - "user_${KAFKA_CONTROLLER_USER}=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - else - read -r -a sasl_mechanisms_arr <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_SASL_ENABLED_MECHANISMS")" - read -r -a users <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_USERS")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_PASSWORDS")" - # Configure JAAS for each SASL mechanism - # ref: https://docs.confluent.io/platform/current/kafka/authentication_sasl/index.html - for sasl_mechanism in "${sasl_mechanisms_arr[@]}"; do - local jaas_content=() - # For PLAIN mechanism, only the first username will be used - if [[ "$sasl_mechanism" = "PLAIN" ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - if [[ "$role" = "inter-broker" ]]; then - jaas_content+=( - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\"" - ) - users+=("$KAFKA_INTER_BROKER_USER") - passwords+=("$KAFKA_INTER_BROKER_PASSWORD") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - jaas_content+=("user_${users[i]}=\"${passwords[i]}\"") - done - # Add semi-colon to the last element of the array - jaas_content[${#jaas_content[@]} - 1]="${jaas_content[${#jaas_content[@]} - 1]};" - elif [[ "$sasl_mechanism" =~ SCRAM ]]; then - if [[ "$role" = "inter-broker" ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\";" - ) - else - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required;") - fi - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$sasl_mechanism" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - done - fi -} - -######################## -# Configure Zookeeper JAAS authentication -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_configure_jaas(){ - local jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_ZOOKEEPER_USER}\"" - "password=\"${KAFKA_ZOOKEEPER_PASSWORD}\";" - ) - - kafka_server_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Generate JAAS authentication file for local producer/consumer to use -# Globals: -# KAFKA_* -# Arguments: -# $1 - Authentication protocol to use for the internal listener -# $2 - Authentication protocol to use for the client listener -# Returns: -# None -######################### -kafka_configure_consumer_producer_jaas(){ - local jaas_content=() - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - - if [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ SCRAM ]]; then - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required") - elif [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ PLAIN ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - else - error "Couldn't configure a supported SASL mechanism for Kafka consumer/producer properties" - exit 1 - fi - - jaas_content+=( - "username=\"${users[0]}\"" - "password=\"${passwords[0]}\";" - ) - - kafka_producer_consumer_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Create users in zookeper when using SASL/SCRAM mechanism -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_create_sasl_scram_users() { - info "Creating users in Zookeeper" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - local zookeeper_connect - zookeeper_connect=$(grep "^zookeeper.connect=" "$KAFKA_CONF_FILE" | sed -E 's/^zookeeper\.connect=(\S+)$/\1/') - read -r -a zookeeper_hosts <<<"$(tr ',;' ' ' <<<"${zookeeper_connect}")" - - if [[ "${#zookeeper_hosts[@]}" -eq 0 ]]; then - error "Couldn't obtain zookeeper.connect from $KAFKA_CONF_FILE" - exit 1 - fi - # Wait for Zookeeper to be reachable - read -r -a aux <<<"$(tr ':' ' ' <<<"${zookeeper_hosts[0]}")" - local host="${aux[0]:?missing host}" - local port="${aux[1]:-2181}" - wait-for-port --host "$host" "$port" - - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM" "$KAFKA_CONF_FILE"; then - users+=("${KAFKA_INTER_BROKER_USER}") - passwords+=("${KAFKA_INTER_BROKER_PASSWORD}") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - debug "Creating user ${users[i]} in zookeeper" - # Ref: https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_scram.html#sasl-scram-overview - debug_execute kafka-configs.sh --zookeeper "$zookeeper_connect" --alter --add-config "SCRAM-SHA-256=[iterations=8192,password=${passwords[i]}],SCRAM-SHA-512=[password=${passwords[i]}]" --entity-type users --entity-name "${users[i]}" - done -} - -######################## -# Configure Kafka SSL settings -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_ssl() { - # Configures both Kafka server and producers/consumers - configure_both() { - kafka_server_conf_set "${1:?missing key}" "${2:?missing value}" - kafka_producer_consumer_conf_set "${1:?missing key}" "${2:?missing value}" - } - kafka_server_conf_set "ssl.client.auth" "${KAFKA_TLS_CLIENT_AUTH}" - configure_both ssl.keystore.type "${KAFKA_TLS_TYPE}" - configure_both ssl.truststore.type "${KAFKA_TLS_TYPE}" - local -r kafka_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_TLS_TRUSTSTORE_FILE}")" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.key.password "$KAFKA_CERTIFICATE_PASSWORD" - if [[ "$KAFKA_TLS_TYPE" = "PEM" ]]; then - file_to_multiline_property() { - awk 'NR > 1{print line"\\n\\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" - } - remove_previous_cert_value() { - local key="${1:?missing key}" - files=( - "${KAFKA_CONF_FILE}" - "${KAFKA_CONF_DIR}/producer.properties" - "${KAFKA_CONF_DIR}/consumer.properties" - ) - for file in "${files[@]}"; do - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Delete all lines from the certificate beginning to its end - sed -i "/^[#\\s]*$key\s*=.*-----BEGIN/,/-----END/d" "$file" - fi - done - } - # We need to remove the previous cert value - # kafka_common_conf_set uses replace_in_file, which can't match multiple lines - remove_previous_cert_value ssl.keystore.key - remove_previous_cert_value ssl.keystore.certificate.chain - remove_previous_cert_value ssl.truststore.certificates - configure_both ssl.keystore.key "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.key")" - configure_both ssl.keystore.certificate.chain "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.pem")" - configure_both ssl.truststore.certificates "$(file_to_multiline_property "${kafka_truststore_location}")" - elif [[ "$KAFKA_TLS_TYPE" = "JKS" ]]; then - configure_both ssl.keystore.location "$KAFKA_CERTS_DIR"/kafka.keystore.jks - configure_both ssl.truststore.location "$kafka_truststore_location" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.keystore.password "$KAFKA_CERTIFICATE_PASSWORD" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.truststore.password "$KAFKA_CERTIFICATE_PASSWORD" - fi - true # Avoid the function to fail due to the check above -} - -######################## -# Get Zookeeper TLS settings -# Globals: -# KAFKA_ZOOKEEPER_TLS_* -# Arguments: -# None -# Returns: -# String -######################### -kafka_zookeeper_configure_tls() { - # Note that ZooKeeper does not support a key password different from the keystore password, - # so be sure to set the key password in the keystore to be identical to the keystore password; - # otherwise the connection attempt to Zookeeper will fail. - local keystore_location="" - local -r kafka_zk_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE}")" - - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]]; then - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; then - # Concatenating private key into public certificate file - # This is needed to load keystore from location using PEM - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keypair.pem" - cat "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" > "$keystore_location" - fi - - kafka_server_conf_set "zookeeper.clientCnxnSocket" "org.apache.zookeeper.ClientCnxnSocketNetty" - kafka_server_conf_set "zookeeper.ssl.client.enable" "true" - is_boolean_yes "${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-}" && kafka_server_conf_set "zookeeper.ssl.endpoint.identification.algorithm" "HTTPS" - ! is_empty_value "${keystore_location:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.location" "${keystore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" - ! is_empty_value "${kafka_zk_truststore_location:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.location" "${kafka_zk_truststore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" - true # Avoid the function to fail due to the check above -} - -######################## -# Configure Kafka configuration files from environment variables -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_from_environment_variables() { - # List of special cases to apply to the variables - local -r exception_regexps=( - "s/sasl\.ssl/sasl_ssl/g" - "s/sasl\.plaintext/sasl_plaintext/g" - ) - # Map environment variables to config properties - for var in "${!KAFKA_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KAFKA_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - - # Exception for the camel case in this environment variable - [[ "$var" == "KAFKA_CFG_ZOOKEEPER_CLIENTCNXNSOCKET" ]] && key="zookeeper.clientCnxnSocket" - - # Apply exception regexps - for regex in "${exception_regexps[@]}"; do - key="$(echo "$key" | sed "$regex")" - done - - value="${!var}" - # Skip empty variables from kafka-env.sh - ! is_empty_value "$value" && kafka_server_conf_set "$key" "$value" - done -} - -######################## -# Initialize KRaft storage -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_storage_initialize() { - local args=("--config" "$KAFKA_CONF_FILE" "--ignore-formatted") - info "Initializing KRaft storage metadata" - - # If cluster.id found in meta.properties, use it - if [[ -f "${KAFKA_DATA_DIR}/meta.properties" ]]; then - KAFKA_KRAFT_CLUSTER_ID=$(grep "^cluster.id=" "${KAFKA_DATA_DIR}/meta.properties" | sed -E 's/^cluster\.id=(\S+)$/\1/') - fi - - if is_empty_value "${KAFKA_KRAFT_CLUSTER_ID:-}"; then - warn "KAFKA_KRAFT_CLUSTER_ID not set - If using multiple nodes then you must use the same Cluster ID for each one" - KAFKA_KRAFT_CLUSTER_ID="$("${KAFKA_HOME}/bin/kafka-storage.sh" random-uuid)" - info "Generated Kafka cluster ID '${KAFKA_KRAFT_CLUSTER_ID}'" - fi - args+=("--cluster-id" "$KAFKA_KRAFT_CLUSTER_ID") - - # SCRAM users are configured during the cluster bootstrapping process and can later be manually updated using kafka-config.sh - if is_boolean_yes "${KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS:-}"; then - info "Adding KRaft SCRAM users at storage bootstrap" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - # Configure SCRAM-SHA-256 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-256=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Configure SCRAM-SHA-512 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-512=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - fi - # Add controller credentials - if grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - fi - fi - info "Formatting storage directories to add metadata..." - "${KAFKA_HOME}/bin/kafka-storage.sh" format "${args[@]}" -} - -######################## -# Detects inconsitences between the configuration at KAFKA_CONF_FILE and cluster-state file -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_quorum_voters_changed(){ - read -r -a quorum_voters_conf_ids <<<"$(grep "^controller.quorum.voters=" "$KAFKA_CONF_FILE" | sed "s/^controller.quorum.voters=//" | tr "," " " | sed -E "s/\@\S+//g")" - read -r -a quorum_voters_state_ids <<< "$(grep -Eo "\{\"voterId\":[0-9]+\}" "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" | grep -Eo "[0-9]+" | tr "\n" " ")" - - if [[ "${#quorum_voters_conf_ids[@]}" != "${#quorum_voters_state_ids[@]}" ]]; then - true - else - read -r -a sorted_state <<< "$(echo "${quorum_voters_conf_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - read -r -a sorted_conf <<< "$(echo "${quorum_voters_state_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - if [[ "${sorted_state[*]}" = "${sorted_conf[*]}" ]]; then - false - else - true - fi - fi -} - -######################## -# Initialize Kafka -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_initialize() { - info "Initializing Kafka..." - # Check for mounted configuration files - if ! is_dir_empty "$KAFKA_MOUNTED_CONF_DIR"; then - cp -Lr "$KAFKA_MOUNTED_CONF_DIR"/* "$KAFKA_CONF_DIR" - fi - # Copy truststore to cert directory - for cert_var in KAFKA_TLS_TRUSTSTORE_FILE KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE; do - # Only copy if the file exists and it is in a different location than KAFKA_CERTS_DIR (to avoid copying to the same location) - if [[ -f "${!cert_var}" ]] && ! [[ "${!cert_var}" =~ $KAFKA_CERTS_DIR ]]; then - info "Copying truststore ${!cert_var} to ${KAFKA_CERTS_DIR}" - cp -L "${!cert_var}" "$KAFKA_CERTS_DIR" - fi - done - - if [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" ]]; then - info "No injected configuration files found, creating default config files" - # Restore original server.properties but remove Zookeeper/KRaft specific settings for compatibility with both architectures - cp "${KAFKA_CONF_DIR}/server.properties.original" "$KAFKA_CONF_FILE" - kafka_server_unify_conf - # Configure Kafka settings - kafka_server_conf_set log.dirs "$KAFKA_DATA_DIR" - kafka_configure_from_environment_variables - # Configure Kafka producer/consumer to set up message sizes - ! is_empty_value "${KAFKA_CFG_MAX_REQUEST_SIZE:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" max.request.size "$KAFKA_CFG_MAX_REQUEST_SIZE" - ! is_empty_value "${KAFKA_CFG_MAX_PARTITION_FETCH_BYTES:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" max.partition.fetch.bytes "$KAFKA_CFG_MAX_PARTITION_FETCH_BYTES" - # Zookeeper mode additional settings - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - kafka_zookeeper_configure_tls - fi - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - kafka_zookeeper_configure_jaas - fi - fi - # If at least one listener uses SSL or SASL_SSL, ensure SSL is configured - if kafka_has_ssl_listener; then - kafka_configure_ssl - fi - # If at least one listener uses SASL_PLAINTEXT or SASL_SSL, ensure SASL is configured - if kafka_has_sasl_listener; then - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM ]]; then - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - if [[ "$(kafka_get_version)" =~ ^3\.2\.|^3\.3\.|^3\.4\. ]]; then - # NOTE: This will depend on Kafka version when support for SCRAM is added - warn "KRaft mode requires Kafka version 3.5 or higher for SCRAM to be supported. SCRAM SASL mechanisms will now be disabled." - KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN - else - export KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - export KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - kafka_server_conf_set sasl.enabled.mechanisms "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - # Settings for each Kafka Listener are configured individually - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - listener_upper="$(echo "$listener" | tr '[:lower:]' '[:upper:]')" - env_name="KAFKA_TLS_${listener_upper}_CLIENT_AUTH" - [[ -n "${!env_name:-}" ]] && kafka_server_conf_set "listener.name.${listener_lower}.ssl.client.auth" "${!env_name}" - fi - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - local role="" - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - kafka_server_conf_set sasl.mechanism.inter.broker.protocol "$KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - role="inter-broker" - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - kafka_server_conf_set sasl.mechanism.controller.protocol "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - kafka_server_conf_set "listener.name.${listener_lower}.sasl.enabled.mechanisms" "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - role="controller" - fi - # If KAFKA_CLIENT_LISTENER_NAME is found in the listeners list, configure the producer/consumer accordingly - if [[ "$listener" = "${KAFKA_CLIENT_LISTENER_NAME:-CLIENT}" ]]; then - kafka_configure_consumer_producer_jaas - kafka_producer_consumer_conf_set security.protocol "$protocol" - kafka_producer_consumer_conf_set sasl.mechanism "${KAFKA_CLIENT_SASL_MECHANISM:-$(kafka_client_sasl_mechanism)}" - fi - kafka_configure_server_jaas "$listener_lower" "${role:-}" - fi - done - else - info "Detected mounted server.properties file at ${KAFKA_MOUNTED_CONF_DIR}/server.properties. Skipping configuration based on env variables" - fi - true -} - -######################## -# Returns the most secure SASL mechanism available for Kafka clients -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_client_sasl_mechanism() { - local sasl_mechanism="" - - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-512 ]]; then - sasl_mechanism="SCRAM-SHA-512" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-256 ]]; then - sasl_mechanism="SCRAM-SHA-256" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ PLAIN ]]; then - sasl_mechanism="PLAIN" - fi - echo "$sasl_mechanism" -} - -######################## -# Removes default settings referencing Zookeeper mode or KRaft mode -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_server_unify_conf() { - local -r remove_regexps=( - #Zookeeper - "s/^zookeeper\./#zookeeper./g" - "s/^group\.initial/#group.initial/g" - "s/^broker\./#broker./g" - "s/^node\./#node./g" - "s/^process\./#process./g" - "s/^listeners=/#listeners=/g" - "s/^listener\./#listener./g" - "s/^controller\./#controller./g" - "s/^inter\.broker/#inter.broker/g" - "s/^advertised\.listeners/#advertised.listeners/g" - ) - - # Map environment variables to config properties - for regex in "${remove_regexps[@]}"; do - sed -i "${regex}" "$KAFKA_CONF_FILE" - done -} - -######################## -# Dinamically set node.id/broker.id/controller.quorum.voters if their alternative environment variable _COMMAND is set -# Globals: -# KAFKA_*_COMMAND -# Arguments: -# None -# Returns: -# None -######################### -kafka_dynamic_environment_variables() { - # KRaft mode - if ! is_empty_value "${KAFKA_NODE_ID_COMMAND:-}"; then - KAFKA_CFG_NODE_ID="$(eval "${KAFKA_NODE_ID_COMMAND}")" - export KAFKA_CFG_NODE_ID - fi - if ! is_empty_value "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND:-}"; then - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS="$(eval "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND}")" - export KAFKA_CFG_CONTROLLER_QUORUM_VOTERS - fi - # Zookeeper mode - # DEPRECATED - BROKER_ID_COMMAND has been deprecated, please use KAFKA_BROKER_ID_COMMAND instead - if ! is_empty_value "${KAFKA_BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${KAFKA_BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - elif ! is_empty_value "${BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_custom_init_scripts() { - if [[ -n $(find "${KAFKA_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\)") ]] && [[ ! -f "${KAFKA_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $KAFKA_INITSCRIPTS_DIR" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$KAFKA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is running -######################## -is_kafka_running() { - local pid - pid="$(get_pid_from_file "$KAFKA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is not running -######################## -is_kafka_not_running() { - ! is_kafka_running -} - -######################## -# Stop Kafka -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_stop() { - ! is_kafka_running && return - stop_service_using_pid "$KAFKA_PID_FILE" TERM -} diff --git a/bitnami/kafka/3.4/debian-11/tags-info.yaml b/bitnami/kafka/3.4/debian-11/tags-info.yaml deleted file mode 100644 index f8a24c2d89e5..000000000000 --- a/bitnami/kafka/3.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "3.4" -- 3.4-debian-11 -- 3.4.1 diff --git a/bitnami/kafka/3.5/debian-11/Dockerfile b/bitnami/kafka/3.5/debian-11/Dockerfile deleted file mode 100644 index d7cd4e8eb72f..000000000000 --- a/bitnami/kafka/3.5/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T08:50:52Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.2-debian-11-r24" \ - org.opencontainers.image.title="kafka" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "kafka-3.5.2-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/kafka/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/kafka/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/kafka/postunpack.sh -ENV APP_VERSION="3.5.2" \ - BITNAMI_APP_NAME="kafka" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/kafka/bin:$PATH" - -EXPOSE 9092 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kafka/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kafka/run.sh" ] diff --git a/bitnami/kafka/3.5/debian-11/docker-compose.yml b/bitnami/kafka/3.5/debian-11/docker-compose.yml deleted file mode 100644 index 86a24cf65d53..000000000000 --- a/bitnami/kafka/3.5/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" - -services: - kafka: - image: docker.io/bitnami/kafka:3.5 - ports: - - "9092:9092" - volumes: - - "kafka_data:/bitnami" - environment: - # KRaft settings - - KAFKA_CFG_NODE_ID=0 - - KAFKA_CFG_PROCESS_ROLES=controller,broker - - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 - # Listeners - - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 - - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092 - - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT - - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT -volumes: - kafka_data: - driver: local diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 1bf33e97b33e..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "kafka": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.2-3" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka/3.5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh deleted file mode 100644 index 9f33fc07871a..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kafka - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kafka}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kafka_env_vars=( - KAFKA_MOUNTED_CONF_DIR - KAFKA_INTER_BROKER_USER - KAFKA_INTER_BROKER_PASSWORD - KAFKA_CONTROLLER_USER - KAFKA_CONTROLLER_PASSWORD - KAFKA_CERTIFICATE_PASSWORD - KAFKA_TLS_TRUSTSTORE_FILE - KAFKA_TLS_TYPE - KAFKA_TLS_CLIENT_AUTH - KAFKA_OPTS - KAFKA_CFG_SASL_ENABLED_MECHANISMS - KAFKA_KRAFT_CLUSTER_ID - KAFKA_SKIP_KRAFT_STORAGE_INIT - KAFKA_CLIENT_LISTENER_NAME - KAFKA_ZOOKEEPER_PROTOCOL - KAFKA_ZOOKEEPER_PASSWORD - KAFKA_ZOOKEEPER_USER - KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE - KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME - KAFKA_ZOOKEEPER_TLS_TYPE - KAFKA_CLIENT_USERS - KAFKA_CLIENT_PASSWORDS - KAFKA_HEAP_OPTS -) -for env_var in "${kafka_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kafka_env_vars - -# Paths -export KAFKA_BASE_DIR="${BITNAMI_ROOT_DIR}/kafka" -export KAFKA_VOLUME_DIR="/bitnami/kafka" -export KAFKA_DATA_DIR="${KAFKA_VOLUME_DIR}/data" -export KAFKA_CONF_DIR="${KAFKA_BASE_DIR}/config" -export KAFKA_CONF_FILE="${KAFKA_CONF_DIR}/server.properties" -export KAFKA_MOUNTED_CONF_DIR="${KAFKA_MOUNTED_CONF_DIR:-${KAFKA_VOLUME_DIR}/config}" -export KAFKA_CERTS_DIR="${KAFKA_CONF_DIR}/certs" -export KAFKA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KAFKA_LOG_DIR="${KAFKA_BASE_DIR}/logs" -export KAFKA_HOME="$KAFKA_BASE_DIR" -export PATH="${KAFKA_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/java/bin:${PATH}" - -# System users (when running with a privileged user) -export KAFKA_DAEMON_USER="kafka" -export KAFKA_DAEMON_GROUP="kafka" - -# Kafka runtime settings -export KAFKA_INTER_BROKER_USER="${KAFKA_INTER_BROKER_USER:-user}" -export KAFKA_INTER_BROKER_PASSWORD="${KAFKA_INTER_BROKER_PASSWORD:-bitnami}" -export KAFKA_CONTROLLER_USER="${KAFKA_CONTROLLER_USER:-controller_user}" -export KAFKA_CONTROLLER_PASSWORD="${KAFKA_CONTROLLER_PASSWORD:-bitnami}" -export KAFKA_CERTIFICATE_PASSWORD="${KAFKA_CERTIFICATE_PASSWORD:-}" -export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_TLS_TYPE="${KAFKA_TLS_TYPE:-JKS}" -export KAFKA_TLS_CLIENT_AUTH="${KAFKA_TLS_CLIENT_AUTH:-required}" -export KAFKA_OPTS="${KAFKA_OPTS:-}" - -# Kafka configuration overrides -export KAFKA_CFG_SASL_ENABLED_MECHANISMS="${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-PLAIN,SCRAM-SHA-256,SCRAM-SHA-512}" -export KAFKA_KRAFT_CLUSTER_ID="${KAFKA_KRAFT_CLUSTER_ID:-}" -export KAFKA_SKIP_KRAFT_STORAGE_INIT="${KAFKA_SKIP_KRAFT_STORAGE_INIT:-false}" -export KAFKA_CLIENT_LISTENER_NAME="${KAFKA_CLIENT_LISTENER_NAME:-}" - -# ZooKeeper connection settings -export KAFKA_ZOOKEEPER_PROTOCOL="${KAFKA_ZOOKEEPER_PROTOCOL:-PLAINTEXT}" -export KAFKA_ZOOKEEPER_PASSWORD="${KAFKA_ZOOKEEPER_PASSWORD:-}" -export KAFKA_ZOOKEEPER_USER="${KAFKA_ZOOKEEPER_USER:-}" -export KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME="${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-true}" -export KAFKA_ZOOKEEPER_TLS_TYPE="${KAFKA_ZOOKEEPER_TLS_TYPE:-JKS}" - -# Authentication -export KAFKA_CLIENT_USERS="${KAFKA_CLIENT_USERS:-user}" -export KAFKA_CLIENT_PASSWORDS="${KAFKA_CLIENT_PASSWORDS:-bitnami}" - -# Java settings -export KAFKA_HEAP_OPTS="${KAFKA_HEAP_OPTS:--Xmx1024m -Xms1024m}" - -# Custom environment variables may be defined below diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh deleted file mode 100755 index deafe6d4660a..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kafka/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Kafka setup **" - /opt/bitnami/scripts/kafka/setup.sh - info "** Kafka setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh deleted file mode 100755 index b6526959daf7..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Move server.properties from configtmp to config -# Temporary solution until kafka tarball places server.properties into config -if [[ -d "${KAFKA_BASE_DIR}/configtmp" ]]; then - mv "${KAFKA_BASE_DIR}/configtmp"/* "$KAFKA_CONF_DIR" - rmdir "${KAFKA_BASE_DIR}/configtmp" -fi -[[ -d "${KAFKA_BASE_DIR}/conf" ]] && rmdir "${KAFKA_BASE_DIR}/conf" - -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$KAFKA_BASE_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR" - -# Move the original server.properties, so users can skip initialization logic by mounting their own server.properties directly instead of using the MOUNTED_CONF_DIR -mv "${KAFKA_CONF_DIR}/server.properties" "${KAFKA_CONF_DIR}/server.properties.original" - -# Disable logging to stdout and garbage collection -# Source: https://logging.apache.org/log4j/log4j-2.4/manual/appenders.html -replace_in_file "${KAFKA_BASE_DIR}/bin/kafka-server-start.sh" " [-]loggc" " " -replace_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DailyRollingFileAppender" "ConsoleAppender" - -# Disable the default console logger in favour of KafkaAppender (which provides the exact output) -echo "log4j.appender.stdout.Threshold=OFF" >>"${KAFKA_CONF_DIR}/log4j.properties" - -# Remove invalid parameters for ConsoleAppender -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DatePattern" -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "Appender.File" diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh deleted file mode 100755 index a82f26867e70..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libos.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -if [[ -f "${KAFKA_CONF_DIR}/kafka_jaas.conf" ]]; then - export KAFKA_OPTS="-Djava.security.auth.login.config=${KAFKA_CONF_DIR}/kafka_jaas.conf" -fi - -cmd="$KAFKA_HOME/bin/kafka-server-start.sh" -args=("$KAFKA_CONF_FILE") -! is_empty_value "${KAFKA_EXTRA_FLAGS:-}" && args=("${args[@]}" "${KAFKA_EXTRA_FLAGS[@]}") - -info "** Starting Kafka **" -if am_i_root; then - exec_as_user "$KAFKA_DAEMON_USER" "$cmd" "${args[@]}" "$@" -else - exec "$cmd" "${args[@]}" "$@" -fi diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh deleted file mode 100755 index a1dcc1d2d162..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Map Kafka environment variables -kafka_create_alias_environment_variables - -# Dinamically set node.id/broker.id/controller.quorum.voters if the _COMMAND environment variable is set -kafka_dynamic_environment_variables - -# Set the default tuststore locations before validation -kafka_configure_default_truststore_locations -# Ensure Kafka user and group exist when running as 'root' -am_i_root && ensure_user_exists "$KAFKA_DAEMON_USER" --group "$KAFKA_DAEMON_GROUP" -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR"; do - if am_i_root; then - ensure_dir_exists "$dir" "$KAFKA_DAEMON_USER" "$KAFKA_DAEMON_GROUP" - else - ensure_dir_exists "$dir" - fi -done - -# Kafka validation, skipped if server.properties was mounted at either $KAFKA_MOUNTED_CONF_DIR or $KAFKA_CONF_DIR -[[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" && ! -f "$KAFKA_CONF_FILE" ]] && kafka_validate -# Kafka initialization, skipped if server.properties was mounted at $KAFKA_CONF_DIR -[[ ! -f "$KAFKA_CONF_FILE" ]] && kafka_initialize - -# Initialise KRaft metadata storage if process.roles configured -if grep -q "^process.roles=" "$KAFKA_CONF_FILE" && ! is_boolean_yes "$KAFKA_SKIP_KRAFT_STORAGE_INIT" ; then - kafka_kraft_storage_initialize -fi -# Configure Zookeeper SCRAM users -if is_boolean_yes "${KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS:-}"; then - kafka_zookeeper_create_sasl_scram_users -fi -# KRaft controllers may get stuck starting when the controller quorum voters are changed. -# Workaround: Remove quorum-state file when scaling up/down controllers (Waiting proposal KIP-853) -# https://cwiki.apache.org/confluence/display/KAFKA/KIP-853%3A+KRaft+Voter+Changes -if [[ -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" ]] && grep -q "^controller.quorum.voters=" "$KAFKA_CONF_FILE" && kafka_kraft_quorum_voters_changed; then - warn "Detected inconsitences between controller.quorum.voters and quorum-state, removing it..." - rm -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" -fi -# Ensure custom initialization scripts are executed -kafka_custom_init_scripts diff --git a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh b/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh deleted file mode 100644 index 0efa81c4b873..000000000000 --- a/bitnami/kafka/3.5/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh +++ /dev/null @@ -1,1175 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kafka library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -kafka_common_conf_set() { - local file="${1:?missing file}" - local key="${2:?missing key}" - shift - shift - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - kafka_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Returns true if at least one listener is configured using SSL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_ssl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SSL: || "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using SASL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_sasl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SASL_PLAINTEXT: ]] || [[ "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using plaintext -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_plaintext_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "PLAINTEXT" ]]; then - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - else - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ PLAINTEXT: ]]; then - return - fi - fi - return 1 -} - -######################## -# Backwards compatibility measure to configure the TLS truststore locations -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_default_truststore_locations() { - # Backwards compatibility measure to allow custom truststore locations but at the same time not disrupt - # the UX that the previous version of the containers and the helm chart have. - # Context: The chart and containers by default assumed that the truststore location was KAFKA_CERTS_DIR/kafka.truststore.jks or KAFKA_MOUNTED_CONF_DIR/certs/kafka.truststore.jks. - # Because of this, we could not use custom certificates in different locations (use case: A custom base image that already has a truststore). Changing the logic to allow custom - # locations implied major changes in the current user experience (which only required to mount certificates at the assumed location). In order to maintain this compatibility we need - # use this logic that sets the KAFKA_TLS_*_FILE variables to the previously assumed locations in case it is not set - - # Kafka truststore - if kafka_has_ssl_listener && is_empty_value "${KAFKA_TLS_TRUSTSTORE_FILE:-}"; then - local kafka_truststore_filename="kafka.truststore.jks" - [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && kafka_truststore_filename="kafka.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${kafka_truststore_filename}" - fi - fi - # Zookeeper truststore - if [[ "${KAFKA_ZOOKEEPER_PROTOCOL:-}" =~ SSL ]] && is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}"; then - local zk_truststore_filename="zookeeper.truststore.jks" - [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && zk_truststore_filename="zookeeper.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${zk_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${zk_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${zk_truststore_filename}" - fi - fi -} - -######################## -# Set a configuration setting value to server.properties -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_server_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_FILE" "$@" -} - -######################## -# Set a configuration setting value to producer.properties and consumer.properties -# Globals: -# KAFKA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_producer_consumer_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" "$@" - kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" "$@" -} - -######################## -# Create alias for environment variable, so both can be used -# Globals: -# None -# Arguments: -# $1 - Alias environment variable name -# $2 - Original environment variable name -# Returns: -# None -######################### -kafka_declare_alias_env() { - local -r alias="${1:?missing environment variable alias}" - local -r original="${2:?missing original environment variable}" - if printenv "${original}" >/dev/null; then - export "$alias"="${!original:-}" - fi -} - -######################## -# Map Kafka legacy environment variables to the new names -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_create_alias_environment_variables() { - suffixes=( - "ADVERTISED_LISTENERS" - "BROKER_ID" - "NODE_ID" - "CONTROLLER_QUORUM_VOTERS" - "PROCESS_ROLES" - "DEFAULT_REPLICATION_FACTOR" - "DELETE_TOPIC_ENABLE" - "INTER_BROKER_LISTENER_NAME" - "LISTENERS" - "LISTENER_SECURITY_PROTOCOL_MAP" - "LOG_DIRS" - "LOG_FLUSH_INTERVAL_MESSAGES" - "LOG_FLUSH_INTERVAL_MS" - "LOG_MESSAGE_FORMAT_VERSION" - "LOG_RETENTION_BYTES" - "LOG_RETENTION_CHECK_INTERVALS_MS" - "LOG_RETENTION_HOURS" - "LOG_SEGMENT_BYTES" - "MESSAGE_MAX_BYTES" - "NUM_IO_THREADS" - "NUM_NETWORK_THREADS" - "NUM_PARTITIONS" - "NUM_RECOVERY_THREADS_PER_DATA_DIR" - "OFFSETS_TOPIC_REPLICATION_FACTOR" - "SOCKET_RECEIVE_BUFFER_BYTES" - "SOCKET_REQUEST_MAX_BYTES" - "SOCKET_SEND_BUFFER_BYTES" - "SSL_ENDPOINT_IDENTIFICATION_ALGORITHM" - "TRANSACTION_STATE_LOG_MIN_ISR" - "TRANSACTION_STATE_LOG_REPLICATION_FACTOR" - "ZOOKEEPER_CONNECT" - "ZOOKEEPER_CONNECTION_TIMEOUT_MS" - ) - kafka_declare_alias_env "KAFKA_CFG_LOG_DIRS" "KAFKA_LOGS_DIRS" - kafka_declare_alias_env "KAFKA_CFG_LOG_SEGMENT_BYTES" "KAFKA_SEGMENT_BYTES" - kafka_declare_alias_env "KAFKA_CFG_MESSAGE_MAX_BYTES" "KAFKA_MAX_MESSAGE_BYTES" - kafka_declare_alias_env "KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS" "KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS" - kafka_declare_alias_env "KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE" "KAFKA_AUTO_CREATE_TOPICS_ENABLE" - kafka_declare_alias_env "KAFKA_CLIENT_USERS" "KAFKA_BROKER_USER" - kafka_declare_alias_env "KAFKA_CLIENT_PASSWORDS" "KAFKA_BROKER_PASSWORD" - kafka_declare_alias_env "KAFKA_CLIENT_LISTENER_NAME" "KAFKA_CLIENT_LISTENER" - for s in "${suffixes[@]}"; do - kafka_declare_alias_env "KAFKA_CFG_${s}" "KAFKA_${s}" - done -} - -######################## -# Validate settings in KAFKA_* env vars -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_validate() { - debug "Validating settings in KAFKA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - # If process.roles configured, check its values are valid and perform additional checks for each - check_kraft_process_roles() { - read -r -a roles_list <<<"$(tr ',;' ' ' <<<"$KAFKA_CFG_PROCESS_ROLES")" - for role in "${roles_list[@]}"; do - case "$role" in - broker) ;; - controller) - if is_empty_value "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-}"; then - print_validation_error "Role 'controller' enabled but environment variable KAFKA_CFG_CONTROLLER_LISTENER_NAMES was not provided." - fi - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ ! "$KAFKA_CFG_LISTENERS" =~ ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} ]]; then - print_validation_error "Role 'controller' enabled but listener ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} not found in KAFKA_CFG_LISTENERS." - fi - ;; - *) - print_validation_error "Invalid KRaft process role '$role'. Supported roles are 'broker,controller'" - ;; - esac - done - } - # Check all listeners are using a unique and valid port - check_listener_ports(){ - check_allowed_port() { - local port="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("$port") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port ${port} was specified in the environment variable KAFKA_CFG_LISTENERS: ${err}." - fi - } - - read -r -a listeners <<<"$(tr ',' ' ' <<<"${KAFKA_CFG_LISTENERS:-}")" - local -a ports=() - for listener in "${listeners[@]}"; do - read -r -a arr <<<"$(tr ':' ' ' <<<"$listener")" - # Obtain the port from listener string, e.g. PLAINTEXT://:9092 - port="${arr[2]}" - check_allowed_port "$port" - ports+=("$port") - done - # Check each listener is using an unique port - local -a unique_ports=() - read -r -a unique_ports <<< "$(echo "${ports[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - if [[ "${#ports[@]}" != "${#unique_ports[@]}" ]]; then - print_validation_error "There are listeners bound to the same port" - fi - } - check_listener_protocols(){ - local -r allowed_protocols=("PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL") - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - # Check protocol in allowed list - if [[ ! "${allowed_protocols[*]}" =~ $protocol ]]; then - print_validation_error "Authentication protocol ${protocol} is not supported!" - fi - # If inter-broker listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL is set - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL:-}"; then - print_validation_error "When using SASL for inter broker comunication the mechanism should be provided using KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - fi - if is_empty_value "${KAFKA_INTER_BROKER_USER:-}" || is_empty_value "${KAFKA_INTER_BROKER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka inter-broker communications, you must provide the SASL credentials. Set the environment variables KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD to configure the credentials for SASL authentication with between brokers." - fi - fi - # If controller listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL is set - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL:-}"; then - print_validation_error "When using SASL for controller comunication the mechanism should be provided at KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - warn "KRaft controller listener may not support SCRAM-SHA-256/SCRAM-SHA-512 mechanisms. If facing any issues, we recommend switching to PLAIN mechanism. More information at: https://issues.apache.org/jira/browse/KAFKA-15513" - fi - if is_empty_value "${KAFKA_CONTROLLER_USER:-}" || is_empty_value "${KAFKA_CONTROLLER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka control plane communications, you must provide the SASL credentials. Set the environment variables KAFKA_CONTROLLER_USER and KAFKA_CONTROLLER_PASSWORD to configure the credentials for SASL authentication with between controllers." - fi - fi - else - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CLIENT_USERS:-}" || is_empty_value "${KAFKA_CLIENT_PASSWORDS:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_CLIENT_USERS and KAFKA_CLIENT_PASSWORDS to configure the credentials for SASL authentication with clients." - fi - fi - - fi - done - } - - if is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}" && is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - print_validation_error "Kafka haven't been configured to work in either Raft or Zookeper mode. Please make sure at least one of the modes is configured." - fi - # Check KRaft mode - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - # Raft - if [[ "$(kafka_get_version)" =~ ^3\.2\. ]]; then - warn "KRaft mode is not production-ready in Kafka 3.2, for production environments, we recommend upgrading " - fi - # Only allow Zookeeper configuration if migration mode is enabled - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}" && - { is_empty_value "${KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE:-}" || ! is_boolean_yes "$KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE"; }; then - print_validation_error "Both KRaft mode and Zookeeper modes are configured, but KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE is not enabled" - fi - if is_empty_value "${KAFKA_CFG_NODE_ID:-}"; then - print_validation_error "KRaft mode requires an unique node.id, please set the environment variable KAFKA_CFG_NODE_ID" - fi - if is_empty_value "${KAFKA_CFG_CONTROLLER_QUORUM_VOTERS:-}"; then - print_validation_error "KRaft mode requires KAFKA_CFG_CONTROLLER_QUORUM_VOTERS to be set" - fi - check_kraft_process_roles - fi - # Check Zookeeper mode - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - # If SSL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]]; then - # Fail if truststore is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with JKS certs you must mount your zookeeper.truststore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if keystore is not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]] && [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.jks" ]]; then - warn "In order to configure the mTLS for Zookeeper with JKS certs you must mount your zookeeper.keystore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]]; then - # Fail if CA / validation cert is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with PEM certs you must mount your zookeeper.truststore.pem cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if node key or cert are not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if { [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.key" ]]; }; then - warn "In order to configure the mTLS for Zookeeper with PEM certs you must mount your zookeeper.keystore.pem cert and zookeeper.keystore.key key to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - fi - # If SASL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - if is_empty_value "${KAFKA_ZOOKEEPER_USER:-}" || is_empty_value "${KAFKA_ZOOKEEPER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_ZOOKEEPER_USER and KAFKA_ZOOKEEPER_PASSWORD, to configure the credentials for SASL authentication with Zookeeper." - fi - fi - # If using plaintext protocol, check it is explicitly allowed - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" = "PLAINTEXT" ]]; then - warn "The KAFKA_ZOOKEEPER_PROTOCOL environment variable does not configure SASL and/or SSL, this setting is not recommended for production environments." - fi - fi - # Check listener ports are unique and allowed - check_listener_ports - # Check listeners are mapped to a valid security protocol - check_listener_protocols - # Warn users if plaintext listeners are configured - if kafka_has_plaintext_listener; then - warn "Kafka has been configured with a PLAINTEXT listener, this setting is not recommended for production environments." - fi - # If SSL/SASL_SSL listeners configured, check certificates are provided - if kafka_has_ssl_listener; then - if [[ "$KAFKA_TLS_TYPE" = "JKS" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with JKS certs you must mount your kafka.keystore.jks and kafka.truststore.jks certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - elif [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with PEM certs you must mount your kafka.keystore.pem, kafka.keystore.key and kafka.truststore.pem certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - # If SASL/SASL_SSL listeners configured, check passwords are provided - if kafka_has_sasl_listener; then - if is_empty_value "${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-}"; then - print_validation_error "Specified SASL protocol but no SASL mechanisms provided in KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - fi - # Check users and passwords lists are the same size - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS:-}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" - if [[ "${#users[@]}" -ne "${#passwords[@]}" ]]; then - print_validation_error "Specify the same number of passwords on KAFKA_CLIENT_PASSWORDS as the number of users on KAFKA_CLIENT_USERS!" - fi - check_multi_value "KAFKA_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_PROTOCOL" "PLAINTEXT SASL SSL SASL_SSL" - check_multi_value "KAFKA_TLS_CLIENT_AUTH" "none requested required" - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Get kafka version -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# version -######################### -kafka_get_version() { - local -a cmd=("kafka-topics.sh" "--version") - am_i_root && cmd=("run_as_user" "$KAFKA_DAEMON_USER" "${cmd[@]}") - - read -r -a ver_split <<< "$("${cmd[@]}")" - echo "${ver_split[0]}" -} - -######################### -# Configure JAAS for a given listener and SASL mechanisms -# Globals: -# KAFKA_* -# Arguments: -# $1 - Name of the listener JAAS will be configured for -# $2 - Comma-separated list of SASL mechanisms to configure -# $3 - Comma-separated list of usernames -# $4 - Comma-separated list of passwords -# Returns: -# None -######################### -kafka_configure_server_jaas() { - local listener="${1:?missing listener name}" - local role="${2:-}" - - if [[ "$role" = "controller" ]]; then - local jaas_content=() - if [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" = "PLAIN" ]]; then - jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\"" - "user_${KAFKA_CONTROLLER_USER}=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - else - read -r -a sasl_mechanisms_arr <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_SASL_ENABLED_MECHANISMS")" - read -r -a users <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_USERS")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_PASSWORDS")" - # Configure JAAS for each SASL mechanism - # ref: https://docs.confluent.io/platform/current/kafka/authentication_sasl/index.html - for sasl_mechanism in "${sasl_mechanisms_arr[@]}"; do - local jaas_content=() - # For PLAIN mechanism, only the first username will be used - if [[ "$sasl_mechanism" = "PLAIN" ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - if [[ "$role" = "inter-broker" ]]; then - jaas_content+=( - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\"" - ) - users+=("$KAFKA_INTER_BROKER_USER") - passwords+=("$KAFKA_INTER_BROKER_PASSWORD") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - jaas_content+=("user_${users[i]}=\"${passwords[i]}\"") - done - # Add semi-colon to the last element of the array - jaas_content[${#jaas_content[@]} - 1]="${jaas_content[${#jaas_content[@]} - 1]};" - elif [[ "$sasl_mechanism" =~ SCRAM ]]; then - if [[ "$role" = "inter-broker" ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\";" - ) - else - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required;") - fi - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$sasl_mechanism" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - done - fi -} - -######################## -# Configure Zookeeper JAAS authentication -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_configure_jaas(){ - local jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_ZOOKEEPER_USER}\"" - "password=\"${KAFKA_ZOOKEEPER_PASSWORD}\";" - ) - - kafka_server_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Generate JAAS authentication file for local producer/consumer to use -# Globals: -# KAFKA_* -# Arguments: -# $1 - Authentication protocol to use for the internal listener -# $2 - Authentication protocol to use for the client listener -# Returns: -# None -######################### -kafka_configure_consumer_producer_jaas(){ - local jaas_content=() - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - - if [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ SCRAM ]]; then - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required") - elif [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ PLAIN ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - else - error "Couldn't configure a supported SASL mechanism for Kafka consumer/producer properties" - exit 1 - fi - - jaas_content+=( - "username=\"${users[0]}\"" - "password=\"${passwords[0]}\";" - ) - - kafka_producer_consumer_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Create users in zookeper when using SASL/SCRAM mechanism -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_create_sasl_scram_users() { - info "Creating users in Zookeeper" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - local zookeeper_connect - zookeeper_connect=$(grep "^zookeeper.connect=" "$KAFKA_CONF_FILE" | sed -E 's/^zookeeper\.connect=(\S+)$/\1/') - read -r -a zookeeper_hosts <<<"$(tr ',;' ' ' <<<"${zookeeper_connect}")" - - if [[ "${#zookeeper_hosts[@]}" -eq 0 ]]; then - error "Couldn't obtain zookeeper.connect from $KAFKA_CONF_FILE" - exit 1 - fi - # Wait for Zookeeper to be reachable - read -r -a aux <<<"$(tr ':' ' ' <<<"${zookeeper_hosts[0]}")" - local host="${aux[0]:?missing host}" - local port="${aux[1]:-2181}" - wait-for-port --host "$host" "$port" - - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM" "$KAFKA_CONF_FILE"; then - users+=("${KAFKA_INTER_BROKER_USER}") - passwords+=("${KAFKA_INTER_BROKER_PASSWORD}") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - debug "Creating user ${users[i]} in zookeeper" - # Ref: https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_scram.html#sasl-scram-overview - debug_execute kafka-configs.sh --zookeeper "$zookeeper_connect" --alter --add-config "SCRAM-SHA-256=[iterations=8192,password=${passwords[i]}],SCRAM-SHA-512=[password=${passwords[i]}]" --entity-type users --entity-name "${users[i]}" - done -} - -######################## -# Configure Kafka SSL settings -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_ssl() { - # Configures both Kafka server and producers/consumers - configure_both() { - kafka_server_conf_set "${1:?missing key}" "${2:?missing value}" - kafka_producer_consumer_conf_set "${1:?missing key}" "${2:?missing value}" - } - kafka_server_conf_set "ssl.client.auth" "${KAFKA_TLS_CLIENT_AUTH}" - configure_both ssl.keystore.type "${KAFKA_TLS_TYPE}" - configure_both ssl.truststore.type "${KAFKA_TLS_TYPE}" - local -r kafka_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_TLS_TRUSTSTORE_FILE}")" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.key.password "$KAFKA_CERTIFICATE_PASSWORD" - if [[ "$KAFKA_TLS_TYPE" = "PEM" ]]; then - file_to_multiline_property() { - awk 'NR > 1{print line"\\n\\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" - } - remove_previous_cert_value() { - local key="${1:?missing key}" - files=( - "${KAFKA_CONF_FILE}" - "${KAFKA_CONF_DIR}/producer.properties" - "${KAFKA_CONF_DIR}/consumer.properties" - ) - for file in "${files[@]}"; do - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Delete all lines from the certificate beginning to its end - sed -i "/^[#\\s]*$key\s*=.*-----BEGIN/,/-----END/d" "$file" - fi - done - } - # We need to remove the previous cert value - # kafka_common_conf_set uses replace_in_file, which can't match multiple lines - remove_previous_cert_value ssl.keystore.key - remove_previous_cert_value ssl.keystore.certificate.chain - remove_previous_cert_value ssl.truststore.certificates - configure_both ssl.keystore.key "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.key")" - configure_both ssl.keystore.certificate.chain "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.pem")" - configure_both ssl.truststore.certificates "$(file_to_multiline_property "${kafka_truststore_location}")" - elif [[ "$KAFKA_TLS_TYPE" = "JKS" ]]; then - configure_both ssl.keystore.location "$KAFKA_CERTS_DIR"/kafka.keystore.jks - configure_both ssl.truststore.location "$kafka_truststore_location" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.keystore.password "$KAFKA_CERTIFICATE_PASSWORD" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.truststore.password "$KAFKA_CERTIFICATE_PASSWORD" - fi - true # Avoid the function to fail due to the check above -} - -######################## -# Get Zookeeper TLS settings -# Globals: -# KAFKA_ZOOKEEPER_TLS_* -# Arguments: -# None -# Returns: -# String -######################### -kafka_zookeeper_configure_tls() { - # Note that ZooKeeper does not support a key password different from the keystore password, - # so be sure to set the key password in the keystore to be identical to the keystore password; - # otherwise the connection attempt to Zookeeper will fail. - local keystore_location="" - local -r kafka_zk_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE}")" - - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]]; then - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; then - # Concatenating private key into public certificate file - # This is needed to load keystore from location using PEM - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keypair.pem" - cat "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" > "$keystore_location" - fi - - kafka_server_conf_set "zookeeper.clientCnxnSocket" "org.apache.zookeeper.ClientCnxnSocketNetty" - kafka_server_conf_set "zookeeper.ssl.client.enable" "true" - is_boolean_yes "${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-}" && kafka_server_conf_set "zookeeper.ssl.endpoint.identification.algorithm" "HTTPS" - ! is_empty_value "${keystore_location:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.location" "${keystore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" - ! is_empty_value "${kafka_zk_truststore_location:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.location" "${kafka_zk_truststore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" - true # Avoid the function to fail due to the check above -} - -######################## -# Configure Kafka configuration files from environment variables -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_from_environment_variables() { - # List of special cases to apply to the variables - local -r exception_regexps=( - "s/sasl\.ssl/sasl_ssl/g" - "s/sasl\.plaintext/sasl_plaintext/g" - ) - # Map environment variables to config properties - for var in "${!KAFKA_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KAFKA_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - - # Exception for the camel case in this environment variable - [[ "$var" == "KAFKA_CFG_ZOOKEEPER_CLIENTCNXNSOCKET" ]] && key="zookeeper.clientCnxnSocket" - - # Apply exception regexps - for regex in "${exception_regexps[@]}"; do - key="$(echo "$key" | sed "$regex")" - done - - value="${!var}" - # Skip empty variables from kafka-env.sh - ! is_empty_value "$value" && kafka_server_conf_set "$key" "$value" - done -} - -######################## -# Initialize KRaft storage -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_storage_initialize() { - local args=("--config" "$KAFKA_CONF_FILE" "--ignore-formatted") - info "Initializing KRaft storage metadata" - - # If cluster.id found in meta.properties, use it - if [[ -f "${KAFKA_DATA_DIR}/meta.properties" ]]; then - KAFKA_KRAFT_CLUSTER_ID=$(grep "^cluster.id=" "${KAFKA_DATA_DIR}/meta.properties" | sed -E 's/^cluster\.id=(\S+)$/\1/') - fi - - if is_empty_value "${KAFKA_KRAFT_CLUSTER_ID:-}"; then - warn "KAFKA_KRAFT_CLUSTER_ID not set - If using multiple nodes then you must use the same Cluster ID for each one" - KAFKA_KRAFT_CLUSTER_ID="$("${KAFKA_HOME}/bin/kafka-storage.sh" random-uuid)" - info "Generated Kafka cluster ID '${KAFKA_KRAFT_CLUSTER_ID}'" - fi - args+=("--cluster-id" "$KAFKA_KRAFT_CLUSTER_ID") - - # SCRAM users are configured during the cluster bootstrapping process and can later be manually updated using kafka-config.sh - if is_boolean_yes "${KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS:-}"; then - info "Adding KRaft SCRAM users at storage bootstrap" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - # Configure SCRAM-SHA-256 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-256=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Configure SCRAM-SHA-512 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-512=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - fi - # Add controller credentials - if grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - fi - fi - info "Formatting storage directories to add metadata..." - "${KAFKA_HOME}/bin/kafka-storage.sh" format "${args[@]}" -} - -######################## -# Detects inconsitences between the configuration at KAFKA_CONF_FILE and cluster-state file -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_quorum_voters_changed(){ - read -r -a quorum_voters_conf_ids <<<"$(grep "^controller.quorum.voters=" "$KAFKA_CONF_FILE" | sed "s/^controller.quorum.voters=//" | tr "," " " | sed -E "s/\@\S+//g")" - read -r -a quorum_voters_state_ids <<< "$(grep -Eo "\{\"voterId\":[0-9]+\}" "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" | grep -Eo "[0-9]+" | tr "\n" " ")" - - if [[ "${#quorum_voters_conf_ids[@]}" != "${#quorum_voters_state_ids[@]}" ]]; then - true - else - read -r -a sorted_state <<< "$(echo "${quorum_voters_conf_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - read -r -a sorted_conf <<< "$(echo "${quorum_voters_state_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - if [[ "${sorted_state[*]}" = "${sorted_conf[*]}" ]]; then - false - else - true - fi - fi -} - -######################## -# Initialize Kafka -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_initialize() { - info "Initializing Kafka..." - # Check for mounted configuration files - if ! is_dir_empty "$KAFKA_MOUNTED_CONF_DIR"; then - cp -Lr "$KAFKA_MOUNTED_CONF_DIR"/* "$KAFKA_CONF_DIR" - fi - # Copy truststore to cert directory - for cert_var in KAFKA_TLS_TRUSTSTORE_FILE KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE; do - # Only copy if the file exists and it is in a different location than KAFKA_CERTS_DIR (to avoid copying to the same location) - if [[ -f "${!cert_var}" ]] && ! [[ "${!cert_var}" =~ $KAFKA_CERTS_DIR ]]; then - info "Copying truststore ${!cert_var} to ${KAFKA_CERTS_DIR}" - cp -L "${!cert_var}" "$KAFKA_CERTS_DIR" - fi - done - - if [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" ]]; then - info "No injected configuration files found, creating default config files" - # Restore original server.properties but remove Zookeeper/KRaft specific settings for compatibility with both architectures - cp "${KAFKA_CONF_DIR}/server.properties.original" "$KAFKA_CONF_FILE" - kafka_server_unify_conf - # Configure Kafka settings - kafka_server_conf_set log.dirs "$KAFKA_DATA_DIR" - kafka_configure_from_environment_variables - # Configure Kafka producer/consumer to set up message sizes - ! is_empty_value "${KAFKA_CFG_MAX_REQUEST_SIZE:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" max.request.size "$KAFKA_CFG_MAX_REQUEST_SIZE" - ! is_empty_value "${KAFKA_CFG_MAX_PARTITION_FETCH_BYTES:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" max.partition.fetch.bytes "$KAFKA_CFG_MAX_PARTITION_FETCH_BYTES" - # Zookeeper mode additional settings - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - kafka_zookeeper_configure_tls - fi - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - kafka_zookeeper_configure_jaas - fi - fi - # If at least one listener uses SSL or SASL_SSL, ensure SSL is configured - if kafka_has_ssl_listener; then - kafka_configure_ssl - fi - # If at least one listener uses SASL_PLAINTEXT or SASL_SSL, ensure SASL is configured - if kafka_has_sasl_listener; then - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM ]]; then - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - if [[ "$(kafka_get_version)" =~ ^3\.2\.|^3\.3\.|^3\.4\. ]]; then - # NOTE: This will depend on Kafka version when support for SCRAM is added - warn "KRaft mode requires Kafka version 3.5 or higher for SCRAM to be supported. SCRAM SASL mechanisms will now be disabled." - KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN - else - export KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - export KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - kafka_server_conf_set sasl.enabled.mechanisms "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - # Settings for each Kafka Listener are configured individually - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - listener_upper="$(echo "$listener" | tr '[:lower:]' '[:upper:]')" - env_name="KAFKA_TLS_${listener_upper}_CLIENT_AUTH" - [[ -n "${!env_name:-}" ]] && kafka_server_conf_set "listener.name.${listener_lower}.ssl.client.auth" "${!env_name}" - fi - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - local role="" - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - kafka_server_conf_set sasl.mechanism.inter.broker.protocol "$KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - role="inter-broker" - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - kafka_server_conf_set sasl.mechanism.controller.protocol "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - kafka_server_conf_set "listener.name.${listener_lower}.sasl.enabled.mechanisms" "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - role="controller" - fi - # If KAFKA_CLIENT_LISTENER_NAME is found in the listeners list, configure the producer/consumer accordingly - if [[ "$listener" = "${KAFKA_CLIENT_LISTENER_NAME:-CLIENT}" ]]; then - kafka_configure_consumer_producer_jaas - kafka_producer_consumer_conf_set security.protocol "$protocol" - kafka_producer_consumer_conf_set sasl.mechanism "${KAFKA_CLIENT_SASL_MECHANISM:-$(kafka_client_sasl_mechanism)}" - fi - kafka_configure_server_jaas "$listener_lower" "${role:-}" - fi - done - else - info "Detected mounted server.properties file at ${KAFKA_MOUNTED_CONF_DIR}/server.properties. Skipping configuration based on env variables" - fi - true -} - -######################## -# Returns the most secure SASL mechanism available for Kafka clients -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_client_sasl_mechanism() { - local sasl_mechanism="" - - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-512 ]]; then - sasl_mechanism="SCRAM-SHA-512" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-256 ]]; then - sasl_mechanism="SCRAM-SHA-256" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ PLAIN ]]; then - sasl_mechanism="PLAIN" - fi - echo "$sasl_mechanism" -} - -######################## -# Removes default settings referencing Zookeeper mode or KRaft mode -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_server_unify_conf() { - local -r remove_regexps=( - #Zookeeper - "s/^zookeeper\./#zookeeper./g" - "s/^group\.initial/#group.initial/g" - "s/^broker\./#broker./g" - "s/^node\./#node./g" - "s/^process\./#process./g" - "s/^listeners=/#listeners=/g" - "s/^listener\./#listener./g" - "s/^controller\./#controller./g" - "s/^inter\.broker/#inter.broker/g" - "s/^advertised\.listeners/#advertised.listeners/g" - ) - - # Map environment variables to config properties - for regex in "${remove_regexps[@]}"; do - sed -i "${regex}" "$KAFKA_CONF_FILE" - done -} - -######################## -# Dinamically set node.id/broker.id/controller.quorum.voters if their alternative environment variable _COMMAND is set -# Globals: -# KAFKA_*_COMMAND -# Arguments: -# None -# Returns: -# None -######################### -kafka_dynamic_environment_variables() { - # KRaft mode - if ! is_empty_value "${KAFKA_NODE_ID_COMMAND:-}"; then - KAFKA_CFG_NODE_ID="$(eval "${KAFKA_NODE_ID_COMMAND}")" - export KAFKA_CFG_NODE_ID - fi - if ! is_empty_value "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND:-}"; then - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS="$(eval "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND}")" - export KAFKA_CFG_CONTROLLER_QUORUM_VOTERS - fi - # Zookeeper mode - # DEPRECATED - BROKER_ID_COMMAND has been deprecated, please use KAFKA_BROKER_ID_COMMAND instead - if ! is_empty_value "${KAFKA_BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${KAFKA_BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - elif ! is_empty_value "${BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_custom_init_scripts() { - if [[ -n $(find "${KAFKA_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\)") ]] && [[ ! -f "${KAFKA_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $KAFKA_INITSCRIPTS_DIR" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$KAFKA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is running -######################## -is_kafka_running() { - local pid - pid="$(get_pid_from_file "$KAFKA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is not running -######################## -is_kafka_not_running() { - ! is_kafka_running -} - -######################## -# Stop Kafka -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_stop() { - ! is_kafka_running && return - stop_service_using_pid "$KAFKA_PID_FILE" TERM -} diff --git a/bitnami/kafka/3.5/debian-11/tags-info.yaml b/bitnami/kafka/3.5/debian-11/tags-info.yaml deleted file mode 100644 index c30f182e75d7..000000000000 --- a/bitnami/kafka/3.5/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "3.5" -- 3.5-debian-11 -- 3.5.2 diff --git a/bitnami/kafka/3.6/debian-11/Dockerfile b/bitnami/kafka/3.6/debian-11/Dockerfile deleted file mode 100644 index f15922c72cb0..000000000000 --- a/bitnami/kafka/3.6/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:34:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.6.1-debian-11-r25" \ - org.opencontainers.image.title="kafka" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.6.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "kafka-3.6.1-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/kafka/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/kafka/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/kafka/postunpack.sh -ENV APP_VERSION="3.6.1" \ - BITNAMI_APP_NAME="kafka" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/kafka/bin:$PATH" - -EXPOSE 9092 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kafka/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kafka/run.sh" ] diff --git a/bitnami/kafka/3.6/debian-11/docker-compose.yml b/bitnami/kafka/3.6/debian-11/docker-compose.yml deleted file mode 100644 index 88466f32b842..000000000000 --- a/bitnami/kafka/3.6/debian-11/docker-compose.yml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" - -services: - kafka: - image: docker.io/bitnami/kafka:3.6 - ports: - - "9092:9092" - volumes: - - "kafka_data:/bitnami" - environment: - # KRaft settings - - KAFKA_CFG_NODE_ID=0 - - KAFKA_CFG_PROCESS_ROLES=controller,broker - - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@kafka:9093 - # Listeners - - KAFKA_CFG_LISTENERS=PLAINTEXT://:9092,CONTROLLER://:9093 - - KAFKA_CFG_ADVERTISED_LISTENERS=PLAINTEXT://:9092 - - KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT - - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT -volumes: - kafka_data: - driver: local diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f9663d45a74f..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "kafka": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.6.1-3" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-9" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kafka/3.6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh deleted file mode 100644 index 9f33fc07871a..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka-env.sh +++ /dev/null @@ -1,117 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kafka - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kafka}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kafka_env_vars=( - KAFKA_MOUNTED_CONF_DIR - KAFKA_INTER_BROKER_USER - KAFKA_INTER_BROKER_PASSWORD - KAFKA_CONTROLLER_USER - KAFKA_CONTROLLER_PASSWORD - KAFKA_CERTIFICATE_PASSWORD - KAFKA_TLS_TRUSTSTORE_FILE - KAFKA_TLS_TYPE - KAFKA_TLS_CLIENT_AUTH - KAFKA_OPTS - KAFKA_CFG_SASL_ENABLED_MECHANISMS - KAFKA_KRAFT_CLUSTER_ID - KAFKA_SKIP_KRAFT_STORAGE_INIT - KAFKA_CLIENT_LISTENER_NAME - KAFKA_ZOOKEEPER_PROTOCOL - KAFKA_ZOOKEEPER_PASSWORD - KAFKA_ZOOKEEPER_USER - KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD - KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE - KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME - KAFKA_ZOOKEEPER_TLS_TYPE - KAFKA_CLIENT_USERS - KAFKA_CLIENT_PASSWORDS - KAFKA_HEAP_OPTS -) -for env_var in "${kafka_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kafka_env_vars - -# Paths -export KAFKA_BASE_DIR="${BITNAMI_ROOT_DIR}/kafka" -export KAFKA_VOLUME_DIR="/bitnami/kafka" -export KAFKA_DATA_DIR="${KAFKA_VOLUME_DIR}/data" -export KAFKA_CONF_DIR="${KAFKA_BASE_DIR}/config" -export KAFKA_CONF_FILE="${KAFKA_CONF_DIR}/server.properties" -export KAFKA_MOUNTED_CONF_DIR="${KAFKA_MOUNTED_CONF_DIR:-${KAFKA_VOLUME_DIR}/config}" -export KAFKA_CERTS_DIR="${KAFKA_CONF_DIR}/certs" -export KAFKA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KAFKA_LOG_DIR="${KAFKA_BASE_DIR}/logs" -export KAFKA_HOME="$KAFKA_BASE_DIR" -export PATH="${KAFKA_BASE_DIR}/bin:${BITNAMI_ROOT_DIR}/java/bin:${PATH}" - -# System users (when running with a privileged user) -export KAFKA_DAEMON_USER="kafka" -export KAFKA_DAEMON_GROUP="kafka" - -# Kafka runtime settings -export KAFKA_INTER_BROKER_USER="${KAFKA_INTER_BROKER_USER:-user}" -export KAFKA_INTER_BROKER_PASSWORD="${KAFKA_INTER_BROKER_PASSWORD:-bitnami}" -export KAFKA_CONTROLLER_USER="${KAFKA_CONTROLLER_USER:-controller_user}" -export KAFKA_CONTROLLER_PASSWORD="${KAFKA_CONTROLLER_PASSWORD:-bitnami}" -export KAFKA_CERTIFICATE_PASSWORD="${KAFKA_CERTIFICATE_PASSWORD:-}" -export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_TLS_TYPE="${KAFKA_TLS_TYPE:-JKS}" -export KAFKA_TLS_CLIENT_AUTH="${KAFKA_TLS_CLIENT_AUTH:-required}" -export KAFKA_OPTS="${KAFKA_OPTS:-}" - -# Kafka configuration overrides -export KAFKA_CFG_SASL_ENABLED_MECHANISMS="${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-PLAIN,SCRAM-SHA-256,SCRAM-SHA-512}" -export KAFKA_KRAFT_CLUSTER_ID="${KAFKA_KRAFT_CLUSTER_ID:-}" -export KAFKA_SKIP_KRAFT_STORAGE_INIT="${KAFKA_SKIP_KRAFT_STORAGE_INIT:-false}" -export KAFKA_CLIENT_LISTENER_NAME="${KAFKA_CLIENT_LISTENER_NAME:-}" - -# ZooKeeper connection settings -export KAFKA_ZOOKEEPER_PROTOCOL="${KAFKA_ZOOKEEPER_PROTOCOL:-PLAINTEXT}" -export KAFKA_ZOOKEEPER_PASSWORD="${KAFKA_ZOOKEEPER_PASSWORD:-}" -export KAFKA_ZOOKEEPER_USER="${KAFKA_ZOOKEEPER_USER:-}" -export KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" -export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}" -export KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME="${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-true}" -export KAFKA_ZOOKEEPER_TLS_TYPE="${KAFKA_ZOOKEEPER_TLS_TYPE:-JKS}" - -# Authentication -export KAFKA_CLIENT_USERS="${KAFKA_CLIENT_USERS:-user}" -export KAFKA_CLIENT_PASSWORDS="${KAFKA_CLIENT_PASSWORDS:-bitnami}" - -# Java settings -export KAFKA_HEAP_OPTS="${KAFKA_HEAP_OPTS:--Xmx1024m -Xms1024m}" - -# Custom environment variables may be defined below diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh deleted file mode 100755 index deafe6d4660a..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kafka/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Kafka setup **" - /opt/bitnami/scripts/kafka/setup.sh - info "** Kafka setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh deleted file mode 100755 index b6526959daf7..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Move server.properties from configtmp to config -# Temporary solution until kafka tarball places server.properties into config -if [[ -d "${KAFKA_BASE_DIR}/configtmp" ]]; then - mv "${KAFKA_BASE_DIR}/configtmp"/* "$KAFKA_CONF_DIR" - rmdir "${KAFKA_BASE_DIR}/configtmp" -fi -[[ -d "${KAFKA_BASE_DIR}/conf" ]] && rmdir "${KAFKA_BASE_DIR}/conf" - -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$KAFKA_BASE_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR" "$KAFKA_INITSCRIPTS_DIR" - -# Move the original server.properties, so users can skip initialization logic by mounting their own server.properties directly instead of using the MOUNTED_CONF_DIR -mv "${KAFKA_CONF_DIR}/server.properties" "${KAFKA_CONF_DIR}/server.properties.original" - -# Disable logging to stdout and garbage collection -# Source: https://logging.apache.org/log4j/log4j-2.4/manual/appenders.html -replace_in_file "${KAFKA_BASE_DIR}/bin/kafka-server-start.sh" " [-]loggc" " " -replace_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DailyRollingFileAppender" "ConsoleAppender" - -# Disable the default console logger in favour of KafkaAppender (which provides the exact output) -echo "log4j.appender.stdout.Threshold=OFF" >>"${KAFKA_CONF_DIR}/log4j.properties" - -# Remove invalid parameters for ConsoleAppender -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "DatePattern" -remove_in_file "${KAFKA_CONF_DIR}/log4j.properties" "Appender.File" diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh deleted file mode 100755 index a82f26867e70..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/run.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkafka.sh -. /opt/bitnami/scripts/libos.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -if [[ -f "${KAFKA_CONF_DIR}/kafka_jaas.conf" ]]; then - export KAFKA_OPTS="-Djava.security.auth.login.config=${KAFKA_CONF_DIR}/kafka_jaas.conf" -fi - -cmd="$KAFKA_HOME/bin/kafka-server-start.sh" -args=("$KAFKA_CONF_FILE") -! is_empty_value "${KAFKA_EXTRA_FLAGS:-}" && args=("${args[@]}" "${KAFKA_EXTRA_FLAGS[@]}") - -info "** Starting Kafka **" -if am_i_root; then - exec_as_user "$KAFKA_DAEMON_USER" "$cmd" "${args[@]}" "$@" -else - exec "$cmd" "${args[@]}" "$@" -fi diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh deleted file mode 100755 index a1dcc1d2d162..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/kafka/setup.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkafka.sh - -# Load Kafka environment variables -. /opt/bitnami/scripts/kafka-env.sh - -# Map Kafka environment variables -kafka_create_alias_environment_variables - -# Dinamically set node.id/broker.id/controller.quorum.voters if the _COMMAND environment variable is set -kafka_dynamic_environment_variables - -# Set the default tuststore locations before validation -kafka_configure_default_truststore_locations -# Ensure Kafka user and group exist when running as 'root' -am_i_root && ensure_user_exists "$KAFKA_DAEMON_USER" --group "$KAFKA_DAEMON_GROUP" -# Ensure directories used by Kafka exist and have proper ownership and permissions -for dir in "$KAFKA_LOG_DIR" "$KAFKA_CONF_DIR" "$KAFKA_MOUNTED_CONF_DIR" "$KAFKA_VOLUME_DIR" "$KAFKA_DATA_DIR"; do - if am_i_root; then - ensure_dir_exists "$dir" "$KAFKA_DAEMON_USER" "$KAFKA_DAEMON_GROUP" - else - ensure_dir_exists "$dir" - fi -done - -# Kafka validation, skipped if server.properties was mounted at either $KAFKA_MOUNTED_CONF_DIR or $KAFKA_CONF_DIR -[[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" && ! -f "$KAFKA_CONF_FILE" ]] && kafka_validate -# Kafka initialization, skipped if server.properties was mounted at $KAFKA_CONF_DIR -[[ ! -f "$KAFKA_CONF_FILE" ]] && kafka_initialize - -# Initialise KRaft metadata storage if process.roles configured -if grep -q "^process.roles=" "$KAFKA_CONF_FILE" && ! is_boolean_yes "$KAFKA_SKIP_KRAFT_STORAGE_INIT" ; then - kafka_kraft_storage_initialize -fi -# Configure Zookeeper SCRAM users -if is_boolean_yes "${KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS:-}"; then - kafka_zookeeper_create_sasl_scram_users -fi -# KRaft controllers may get stuck starting when the controller quorum voters are changed. -# Workaround: Remove quorum-state file when scaling up/down controllers (Waiting proposal KIP-853) -# https://cwiki.apache.org/confluence/display/KAFKA/KIP-853%3A+KRaft+Voter+Changes -if [[ -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" ]] && grep -q "^controller.quorum.voters=" "$KAFKA_CONF_FILE" && kafka_kraft_quorum_voters_changed; then - warn "Detected inconsitences between controller.quorum.voters and quorum-state, removing it..." - rm -f "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" -fi -# Ensure custom initialization scripts are executed -kafka_custom_init_scripts diff --git a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh b/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh deleted file mode 100644 index 0efa81c4b873..000000000000 --- a/bitnami/kafka/3.6/debian-11/rootfs/opt/bitnami/scripts/libkafka.sh +++ /dev/null @@ -1,1175 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kafka library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -# Functions - -######################## -# Set a configuration setting value to a file -# Globals: -# None -# Arguments: -# $1 - file -# $2 - key -# $3 - values (array) -# Returns: -# None -######################### -kafka_common_conf_set() { - local file="${1:?missing file}" - local key="${2:?missing key}" - shift - shift - local values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - kafka_common_conf_set "$file" "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Update the existing key - replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false - else - # Add a new key - printf '\n%s=%s' "$key" "$value" >>"$file" - fi - fi -} - -######################## -# Returns true if at least one listener is configured using SSL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_ssl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SSL: || "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using SASL -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_sasl_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENERS:-}"; then - if is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - if [[ "$KAFKA_CFG_LISTENERS" =~ SASL_PLAINTEXT: ]] || [[ "$KAFKA_CFG_LISTENERS" =~ SASL_SSL: ]]; then - return - fi - else - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - if [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - fi - fi - return 1 -} - -######################## -# Returns true if at least one listener is configured using plaintext -# Globals: -# KAFKA_CFG_LISTENERS -# KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP -# Arguments: -# None -# Returns: -# true/false -######################### -kafka_has_plaintext_listener(){ - if ! is_empty_value "${KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP:-}"; then - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - if [[ "$protocol" = "PLAINTEXT" ]]; then - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ $listener ]]; then - return - fi - fi - done - else - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ "$KAFKA_CFG_LISTENERS" =~ PLAINTEXT: ]]; then - return - fi - fi - return 1 -} - -######################## -# Backwards compatibility measure to configure the TLS truststore locations -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_default_truststore_locations() { - # Backwards compatibility measure to allow custom truststore locations but at the same time not disrupt - # the UX that the previous version of the containers and the helm chart have. - # Context: The chart and containers by default assumed that the truststore location was KAFKA_CERTS_DIR/kafka.truststore.jks or KAFKA_MOUNTED_CONF_DIR/certs/kafka.truststore.jks. - # Because of this, we could not use custom certificates in different locations (use case: A custom base image that already has a truststore). Changing the logic to allow custom - # locations implied major changes in the current user experience (which only required to mount certificates at the assumed location). In order to maintain this compatibility we need - # use this logic that sets the KAFKA_TLS_*_FILE variables to the previously assumed locations in case it is not set - - # Kafka truststore - if kafka_has_ssl_listener && is_empty_value "${KAFKA_TLS_TRUSTSTORE_FILE:-}"; then - local kafka_truststore_filename="kafka.truststore.jks" - [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && kafka_truststore_filename="kafka.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${kafka_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${kafka_truststore_filename}" - fi - fi - # Zookeeper truststore - if [[ "${KAFKA_ZOOKEEPER_PROTOCOL:-}" =~ SSL ]] && is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE:-}"; then - local zk_truststore_filename="zookeeper.truststore.jks" - [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && zk_truststore_filename="zookeeper.truststore.pem" - if [[ -f "${KAFKA_CERTS_DIR}/${zk_truststore_filename}" ]]; then - # Mounted in /opt/bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_CERTS_DIR}/${zk_truststore_filename}" - else - # Mounted in /bitnami/kafka/conf/certs - export KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE="${KAFKA_MOUNTED_CONF_DIR}/certs/${zk_truststore_filename}" - fi - fi -} - -######################## -# Set a configuration setting value to server.properties -# Globals: -# KAFKA_CONF_FILE -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_server_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_FILE" "$@" -} - -######################## -# Set a configuration setting value to producer.properties and consumer.properties -# Globals: -# KAFKA_CONF_DIR -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -kafka_producer_consumer_conf_set() { - kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" "$@" - kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" "$@" -} - -######################## -# Create alias for environment variable, so both can be used -# Globals: -# None -# Arguments: -# $1 - Alias environment variable name -# $2 - Original environment variable name -# Returns: -# None -######################### -kafka_declare_alias_env() { - local -r alias="${1:?missing environment variable alias}" - local -r original="${2:?missing original environment variable}" - if printenv "${original}" >/dev/null; then - export "$alias"="${!original:-}" - fi -} - -######################## -# Map Kafka legacy environment variables to the new names -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_create_alias_environment_variables() { - suffixes=( - "ADVERTISED_LISTENERS" - "BROKER_ID" - "NODE_ID" - "CONTROLLER_QUORUM_VOTERS" - "PROCESS_ROLES" - "DEFAULT_REPLICATION_FACTOR" - "DELETE_TOPIC_ENABLE" - "INTER_BROKER_LISTENER_NAME" - "LISTENERS" - "LISTENER_SECURITY_PROTOCOL_MAP" - "LOG_DIRS" - "LOG_FLUSH_INTERVAL_MESSAGES" - "LOG_FLUSH_INTERVAL_MS" - "LOG_MESSAGE_FORMAT_VERSION" - "LOG_RETENTION_BYTES" - "LOG_RETENTION_CHECK_INTERVALS_MS" - "LOG_RETENTION_HOURS" - "LOG_SEGMENT_BYTES" - "MESSAGE_MAX_BYTES" - "NUM_IO_THREADS" - "NUM_NETWORK_THREADS" - "NUM_PARTITIONS" - "NUM_RECOVERY_THREADS_PER_DATA_DIR" - "OFFSETS_TOPIC_REPLICATION_FACTOR" - "SOCKET_RECEIVE_BUFFER_BYTES" - "SOCKET_REQUEST_MAX_BYTES" - "SOCKET_SEND_BUFFER_BYTES" - "SSL_ENDPOINT_IDENTIFICATION_ALGORITHM" - "TRANSACTION_STATE_LOG_MIN_ISR" - "TRANSACTION_STATE_LOG_REPLICATION_FACTOR" - "ZOOKEEPER_CONNECT" - "ZOOKEEPER_CONNECTION_TIMEOUT_MS" - ) - kafka_declare_alias_env "KAFKA_CFG_LOG_DIRS" "KAFKA_LOGS_DIRS" - kafka_declare_alias_env "KAFKA_CFG_LOG_SEGMENT_BYTES" "KAFKA_SEGMENT_BYTES" - kafka_declare_alias_env "KAFKA_CFG_MESSAGE_MAX_BYTES" "KAFKA_MAX_MESSAGE_BYTES" - kafka_declare_alias_env "KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS" "KAFKA_ZOOKEEPER_CONNECT_TIMEOUT_MS" - kafka_declare_alias_env "KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE" "KAFKA_AUTO_CREATE_TOPICS_ENABLE" - kafka_declare_alias_env "KAFKA_CLIENT_USERS" "KAFKA_BROKER_USER" - kafka_declare_alias_env "KAFKA_CLIENT_PASSWORDS" "KAFKA_BROKER_PASSWORD" - kafka_declare_alias_env "KAFKA_CLIENT_LISTENER_NAME" "KAFKA_CLIENT_LISTENER" - for s in "${suffixes[@]}"; do - kafka_declare_alias_env "KAFKA_CFG_${s}" "KAFKA_${s}" - done -} - -######################## -# Validate settings in KAFKA_* env vars -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_validate() { - debug "Validating settings in KAFKA_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - # If process.roles configured, check its values are valid and perform additional checks for each - check_kraft_process_roles() { - read -r -a roles_list <<<"$(tr ',;' ' ' <<<"$KAFKA_CFG_PROCESS_ROLES")" - for role in "${roles_list[@]}"; do - case "$role" in - broker) ;; - controller) - if is_empty_value "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-}"; then - print_validation_error "Role 'controller' enabled but environment variable KAFKA_CFG_CONTROLLER_LISTENER_NAMES was not provided." - fi - if is_empty_value "${KAFKA_CFG_LISTENERS:-}" || [[ ! "$KAFKA_CFG_LISTENERS" =~ ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} ]]; then - print_validation_error "Role 'controller' enabled but listener ${KAFKA_CFG_CONTROLLER_LISTENER_NAMES} not found in KAFKA_CFG_LISTENERS." - fi - ;; - *) - print_validation_error "Invalid KRaft process role '$role'. Supported roles are 'broker,controller'" - ;; - esac - done - } - # Check all listeners are using a unique and valid port - check_listener_ports(){ - check_allowed_port() { - local port="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("$port") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port ${port} was specified in the environment variable KAFKA_CFG_LISTENERS: ${err}." - fi - } - - read -r -a listeners <<<"$(tr ',' ' ' <<<"${KAFKA_CFG_LISTENERS:-}")" - local -a ports=() - for listener in "${listeners[@]}"; do - read -r -a arr <<<"$(tr ':' ' ' <<<"$listener")" - # Obtain the port from listener string, e.g. PLAINTEXT://:9092 - port="${arr[2]}" - check_allowed_port "$port" - ports+=("$port") - done - # Check each listener is using an unique port - local -a unique_ports=() - read -r -a unique_ports <<< "$(echo "${ports[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - if [[ "${#ports[@]}" != "${#unique_ports[@]}" ]]; then - print_validation_error "There are listeners bound to the same port" - fi - } - check_listener_protocols(){ - local -r allowed_protocols=("PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL") - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - # Check protocol in allowed list - if [[ ! "${allowed_protocols[*]}" =~ $protocol ]]; then - print_validation_error "Authentication protocol ${protocol} is not supported!" - fi - # If inter-broker listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL is set - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL:-}"; then - print_validation_error "When using SASL for inter broker comunication the mechanism should be provided using KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - fi - if is_empty_value "${KAFKA_INTER_BROKER_USER:-}" || is_empty_value "${KAFKA_INTER_BROKER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka inter-broker communications, you must provide the SASL credentials. Set the environment variables KAFKA_INTER_BROKER_USER and KAFKA_INTER_BROKER_PASSWORD to configure the credentials for SASL authentication with between brokers." - fi - fi - # If controller listener configured with SASL, ensure KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL is set - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL:-}"; then - print_validation_error "When using SASL for controller comunication the mechanism should be provided at KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - warn "KRaft controller listener may not support SCRAM-SHA-256/SCRAM-SHA-512 mechanisms. If facing any issues, we recommend switching to PLAIN mechanism. More information at: https://issues.apache.org/jira/browse/KAFKA-15513" - fi - if is_empty_value "${KAFKA_CONTROLLER_USER:-}" || is_empty_value "${KAFKA_CONTROLLER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka control plane communications, you must provide the SASL credentials. Set the environment variables KAFKA_CONTROLLER_USER and KAFKA_CONTROLLER_PASSWORD to configure the credentials for SASL authentication with between controllers." - fi - fi - else - if [[ "$protocol" = "SASL_PLAINTEXT" ]] || [[ "$protocol" = "SASL_SSL" ]]; then - if is_empty_value "${KAFKA_CLIENT_USERS:-}" || is_empty_value "${KAFKA_CLIENT_PASSWORDS:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_CLIENT_USERS and KAFKA_CLIENT_PASSWORDS to configure the credentials for SASL authentication with clients." - fi - fi - - fi - done - } - - if is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}" && is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - print_validation_error "Kafka haven't been configured to work in either Raft or Zookeper mode. Please make sure at least one of the modes is configured." - fi - # Check KRaft mode - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - # Raft - if [[ "$(kafka_get_version)" =~ ^3\.2\. ]]; then - warn "KRaft mode is not production-ready in Kafka 3.2, for production environments, we recommend upgrading " - fi - # Only allow Zookeeper configuration if migration mode is enabled - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}" && - { is_empty_value "${KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE:-}" || ! is_boolean_yes "$KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE"; }; then - print_validation_error "Both KRaft mode and Zookeeper modes are configured, but KAFKA_CFG_ZOOKEEPER_METADATA_MIGRATION_ENABLE is not enabled" - fi - if is_empty_value "${KAFKA_CFG_NODE_ID:-}"; then - print_validation_error "KRaft mode requires an unique node.id, please set the environment variable KAFKA_CFG_NODE_ID" - fi - if is_empty_value "${KAFKA_CFG_CONTROLLER_QUORUM_VOTERS:-}"; then - print_validation_error "KRaft mode requires KAFKA_CFG_CONTROLLER_QUORUM_VOTERS to be set" - fi - check_kraft_process_roles - fi - # Check Zookeeper mode - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - # If SSL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]]; then - # Fail if truststore is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with JKS certs you must mount your zookeeper.truststore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if keystore is not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]] && [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.jks" ]]; then - warn "In order to configure the mTLS for Zookeeper with JKS certs you must mount your zookeeper.keystore.jks cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]]; then - # Fail if CA / validation cert is not provided - if [[ ! -f "$KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE" ]]; then - print_validation_error "In order to configure the TLS encryption for Zookeeper with PEM certs you must mount your zookeeper.truststore.pem cert to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - # Warn if node key or cert are not provided, only required if Zookeper mTLS is enabled (ZOO_TLS_CLIENT_AUTH) - if { [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/zookeeper.keystore.key" ]]; }; then - warn "In order to configure the mTLS for Zookeeper with PEM certs you must mount your zookeeper.keystore.pem cert and zookeeper.keystore.key key to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - fi - # If SASL/SASL_SSL protocol configured, check certificates are provided - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - if is_empty_value "${KAFKA_ZOOKEEPER_USER:-}" || is_empty_value "${KAFKA_ZOOKEEPER_PASSWORD:-}"; then - print_validation_error "In order to configure SASL authentication for Kafka, you must provide the SASL credentials. Set the environment variables KAFKA_ZOOKEEPER_USER and KAFKA_ZOOKEEPER_PASSWORD, to configure the credentials for SASL authentication with Zookeeper." - fi - fi - # If using plaintext protocol, check it is explicitly allowed - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" = "PLAINTEXT" ]]; then - warn "The KAFKA_ZOOKEEPER_PROTOCOL environment variable does not configure SASL and/or SSL, this setting is not recommended for production environments." - fi - fi - # Check listener ports are unique and allowed - check_listener_ports - # Check listeners are mapped to a valid security protocol - check_listener_protocols - # Warn users if plaintext listeners are configured - if kafka_has_plaintext_listener; then - warn "Kafka has been configured with a PLAINTEXT listener, this setting is not recommended for production environments." - fi - # If SSL/SASL_SSL listeners configured, check certificates are provided - if kafka_has_ssl_listener; then - if [[ "$KAFKA_TLS_TYPE" = "JKS" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.jks" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with JKS certs you must mount your kafka.keystore.jks and kafka.truststore.jks certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - elif [[ "$KAFKA_TLS_TYPE" = "PEM" ]] && - { [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_CERTS_DIR}/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; } && - { [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.pem" ]] || [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/certs/kafka.keystore.key" ]] || [[ ! -f "$KAFKA_TLS_TRUSTSTORE_FILE" ]]; }; then - print_validation_error "In order to configure the TLS encryption for Kafka with PEM certs you must mount your kafka.keystore.pem, kafka.keystore.key and kafka.truststore.pem certs to the ${KAFKA_MOUNTED_CONF_DIR}/certs directory." - fi - fi - # If SASL/SASL_SSL listeners configured, check passwords are provided - if kafka_has_sasl_listener; then - if is_empty_value "${KAFKA_CFG_SASL_ENABLED_MECHANISMS:-}"; then - print_validation_error "Specified SASL protocol but no SASL mechanisms provided in KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - fi - # Check users and passwords lists are the same size - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS:-}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" - if [[ "${#users[@]}" -ne "${#passwords[@]}" ]]; then - print_validation_error "Specify the same number of passwords on KAFKA_CLIENT_PASSWORDS as the number of users on KAFKA_CLIENT_USERS!" - fi - check_multi_value "KAFKA_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_TLS_TYPE" "JKS PEM" - check_multi_value "KAFKA_ZOOKEEPER_PROTOCOL" "PLAINTEXT SASL SSL SASL_SSL" - check_multi_value "KAFKA_TLS_CLIENT_AUTH" "none requested required" - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Get kafka version -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# version -######################### -kafka_get_version() { - local -a cmd=("kafka-topics.sh" "--version") - am_i_root && cmd=("run_as_user" "$KAFKA_DAEMON_USER" "${cmd[@]}") - - read -r -a ver_split <<< "$("${cmd[@]}")" - echo "${ver_split[0]}" -} - -######################### -# Configure JAAS for a given listener and SASL mechanisms -# Globals: -# KAFKA_* -# Arguments: -# $1 - Name of the listener JAAS will be configured for -# $2 - Comma-separated list of SASL mechanisms to configure -# $3 - Comma-separated list of usernames -# $4 - Comma-separated list of passwords -# Returns: -# None -######################### -kafka_configure_server_jaas() { - local listener="${1:?missing listener name}" - local role="${2:-}" - - if [[ "$role" = "controller" ]]; then - local jaas_content=() - if [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" = "PLAIN" ]]; then - jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\"" - "user_${KAFKA_CONTROLLER_USER}=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - elif [[ "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" =~ SCRAM ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_CONTROLLER_USER}\"" - "password=\"${KAFKA_CONTROLLER_PASSWORD}\";" - ) - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - else - read -r -a sasl_mechanisms_arr <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_SASL_ENABLED_MECHANISMS")" - read -r -a users <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_USERS")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"$KAFKA_CLIENT_PASSWORDS")" - # Configure JAAS for each SASL mechanism - # ref: https://docs.confluent.io/platform/current/kafka/authentication_sasl/index.html - for sasl_mechanism in "${sasl_mechanisms_arr[@]}"; do - local jaas_content=() - # For PLAIN mechanism, only the first username will be used - if [[ "$sasl_mechanism" = "PLAIN" ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - if [[ "$role" = "inter-broker" ]]; then - jaas_content+=( - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\"" - ) - users+=("$KAFKA_INTER_BROKER_USER") - passwords+=("$KAFKA_INTER_BROKER_PASSWORD") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - jaas_content+=("user_${users[i]}=\"${passwords[i]}\"") - done - # Add semi-colon to the last element of the array - jaas_content[${#jaas_content[@]} - 1]="${jaas_content[${#jaas_content[@]} - 1]};" - elif [[ "$sasl_mechanism" =~ SCRAM ]]; then - if [[ "$role" = "inter-broker" ]]; then - jaas_content=( - "org.apache.kafka.common.security.scram.ScramLoginModule required" - "username=\"${KAFKA_INTER_BROKER_USER}\"" - "password=\"${KAFKA_INTER_BROKER_PASSWORD}\";" - ) - else - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required;") - fi - fi - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - sasl_mechanism_lower="$(echo "$sasl_mechanism" | tr '[:upper:]' '[:lower:]')" - kafka_server_conf_set "listener.name.${listener_lower}.${sasl_mechanism_lower}.sasl.jaas.config" "${jaas_content[*]}" - done - fi -} - -######################## -# Configure Zookeeper JAAS authentication -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_configure_jaas(){ - local jaas_content=( - "org.apache.kafka.common.security.plain.PlainLoginModule required" - "username=\"${KAFKA_ZOOKEEPER_USER}\"" - "password=\"${KAFKA_ZOOKEEPER_PASSWORD}\";" - ) - - kafka_server_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Generate JAAS authentication file for local producer/consumer to use -# Globals: -# KAFKA_* -# Arguments: -# $1 - Authentication protocol to use for the internal listener -# $2 - Authentication protocol to use for the client listener -# Returns: -# None -######################### -kafka_configure_consumer_producer_jaas(){ - local jaas_content=() - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - - if [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ SCRAM ]]; then - jaas_content=("org.apache.kafka.common.security.scram.ScramLoginModule required") - elif [[ "${KAFKA_CFG_SASL_ENABLED_MECHANISMS}" =~ PLAIN ]]; then - jaas_content=("org.apache.kafka.common.security.plain.PlainLoginModule required") - else - error "Couldn't configure a supported SASL mechanism for Kafka consumer/producer properties" - exit 1 - fi - - jaas_content+=( - "username=\"${users[0]}\"" - "password=\"${passwords[0]}\";" - ) - - kafka_producer_consumer_conf_set "sasl.jaas.config" "${jaas_content[*]}" -} - -######################## -# Create users in zookeper when using SASL/SCRAM mechanism -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_zookeeper_create_sasl_scram_users() { - info "Creating users in Zookeeper" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - local zookeeper_connect - zookeeper_connect=$(grep "^zookeeper.connect=" "$KAFKA_CONF_FILE" | sed -E 's/^zookeeper\.connect=(\S+)$/\1/') - read -r -a zookeeper_hosts <<<"$(tr ',;' ' ' <<<"${zookeeper_connect}")" - - if [[ "${#zookeeper_hosts[@]}" -eq 0 ]]; then - error "Couldn't obtain zookeeper.connect from $KAFKA_CONF_FILE" - exit 1 - fi - # Wait for Zookeeper to be reachable - read -r -a aux <<<"$(tr ':' ' ' <<<"${zookeeper_hosts[0]}")" - local host="${aux[0]:?missing host}" - local port="${aux[1]:-2181}" - wait-for-port --host "$host" "$port" - - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM" "$KAFKA_CONF_FILE"; then - users+=("${KAFKA_INTER_BROKER_USER}") - passwords+=("${KAFKA_INTER_BROKER_PASSWORD}") - fi - for ((i = 0; i < ${#users[@]}; i++)); do - debug "Creating user ${users[i]} in zookeeper" - # Ref: https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_scram.html#sasl-scram-overview - debug_execute kafka-configs.sh --zookeeper "$zookeeper_connect" --alter --add-config "SCRAM-SHA-256=[iterations=8192,password=${passwords[i]}],SCRAM-SHA-512=[password=${passwords[i]}]" --entity-type users --entity-name "${users[i]}" - done -} - -######################## -# Configure Kafka SSL settings -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_ssl() { - # Configures both Kafka server and producers/consumers - configure_both() { - kafka_server_conf_set "${1:?missing key}" "${2:?missing value}" - kafka_producer_consumer_conf_set "${1:?missing key}" "${2:?missing value}" - } - kafka_server_conf_set "ssl.client.auth" "${KAFKA_TLS_CLIENT_AUTH}" - configure_both ssl.keystore.type "${KAFKA_TLS_TYPE}" - configure_both ssl.truststore.type "${KAFKA_TLS_TYPE}" - local -r kafka_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_TLS_TRUSTSTORE_FILE}")" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.key.password "$KAFKA_CERTIFICATE_PASSWORD" - if [[ "$KAFKA_TLS_TYPE" = "PEM" ]]; then - file_to_multiline_property() { - awk 'NR > 1{print line"\\n\\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" - } - remove_previous_cert_value() { - local key="${1:?missing key}" - files=( - "${KAFKA_CONF_FILE}" - "${KAFKA_CONF_DIR}/producer.properties" - "${KAFKA_CONF_DIR}/consumer.properties" - ) - for file in "${files[@]}"; do - if grep -q "^[#\\s]*$key\s*=.*" "$file"; then - # Delete all lines from the certificate beginning to its end - sed -i "/^[#\\s]*$key\s*=.*-----BEGIN/,/-----END/d" "$file" - fi - done - } - # We need to remove the previous cert value - # kafka_common_conf_set uses replace_in_file, which can't match multiple lines - remove_previous_cert_value ssl.keystore.key - remove_previous_cert_value ssl.keystore.certificate.chain - remove_previous_cert_value ssl.truststore.certificates - configure_both ssl.keystore.key "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.key")" - configure_both ssl.keystore.certificate.chain "$(file_to_multiline_property "${KAFKA_CERTS_DIR}/kafka.keystore.pem")" - configure_both ssl.truststore.certificates "$(file_to_multiline_property "${kafka_truststore_location}")" - elif [[ "$KAFKA_TLS_TYPE" = "JKS" ]]; then - configure_both ssl.keystore.location "$KAFKA_CERTS_DIR"/kafka.keystore.jks - configure_both ssl.truststore.location "$kafka_truststore_location" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.keystore.password "$KAFKA_CERTIFICATE_PASSWORD" - ! is_empty_value "${KAFKA_CERTIFICATE_PASSWORD:-}" && configure_both ssl.truststore.password "$KAFKA_CERTIFICATE_PASSWORD" - fi - true # Avoid the function to fail due to the check above -} - -######################## -# Get Zookeeper TLS settings -# Globals: -# KAFKA_ZOOKEEPER_TLS_* -# Arguments: -# None -# Returns: -# String -######################### -kafka_zookeeper_configure_tls() { - # Note that ZooKeeper does not support a key password different from the keystore password, - # so be sure to set the key password in the keystore to be identical to the keystore password; - # otherwise the connection attempt to Zookeeper will fail. - local keystore_location="" - local -r kafka_zk_truststore_location="${KAFKA_CERTS_DIR}/$(basename "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE}")" - - if [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "JKS" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" ]]; then - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keystore.jks" - elif [[ "$KAFKA_ZOOKEEPER_TLS_TYPE" = "PEM" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" ]] && [[ -f "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" ]]; then - # Concatenating private key into public certificate file - # This is needed to load keystore from location using PEM - keystore_location="${KAFKA_CERTS_DIR}/zookeeper.keypair.pem" - cat "${KAFKA_CERTS_DIR}/zookeeper.keystore.pem" "${KAFKA_CERTS_DIR}/zookeeper.keystore.key" > "$keystore_location" - fi - - kafka_server_conf_set "zookeeper.clientCnxnSocket" "org.apache.zookeeper.ClientCnxnSocketNetty" - kafka_server_conf_set "zookeeper.ssl.client.enable" "true" - is_boolean_yes "${KAFKA_ZOOKEEPER_TLS_VERIFY_HOSTNAME:-}" && kafka_server_conf_set "zookeeper.ssl.endpoint.identification.algorithm" "HTTPS" - ! is_empty_value "${keystore_location:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.location" "${keystore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" - ! is_empty_value "${kafka_zk_truststore_location:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.location" "${kafka_zk_truststore_location}" - ! is_empty_value "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" && kafka_server_conf_set "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" - true # Avoid the function to fail due to the check above -} - -######################## -# Configure Kafka configuration files from environment variables -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_configure_from_environment_variables() { - # List of special cases to apply to the variables - local -r exception_regexps=( - "s/sasl\.ssl/sasl_ssl/g" - "s/sasl\.plaintext/sasl_plaintext/g" - ) - # Map environment variables to config properties - for var in "${!KAFKA_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KAFKA_CFG_//g' -e 's/_/\./g' | tr '[:upper:]' '[:lower:]')" - - # Exception for the camel case in this environment variable - [[ "$var" == "KAFKA_CFG_ZOOKEEPER_CLIENTCNXNSOCKET" ]] && key="zookeeper.clientCnxnSocket" - - # Apply exception regexps - for regex in "${exception_regexps[@]}"; do - key="$(echo "$key" | sed "$regex")" - done - - value="${!var}" - # Skip empty variables from kafka-env.sh - ! is_empty_value "$value" && kafka_server_conf_set "$key" "$value" - done -} - -######################## -# Initialize KRaft storage -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_storage_initialize() { - local args=("--config" "$KAFKA_CONF_FILE" "--ignore-formatted") - info "Initializing KRaft storage metadata" - - # If cluster.id found in meta.properties, use it - if [[ -f "${KAFKA_DATA_DIR}/meta.properties" ]]; then - KAFKA_KRAFT_CLUSTER_ID=$(grep "^cluster.id=" "${KAFKA_DATA_DIR}/meta.properties" | sed -E 's/^cluster\.id=(\S+)$/\1/') - fi - - if is_empty_value "${KAFKA_KRAFT_CLUSTER_ID:-}"; then - warn "KAFKA_KRAFT_CLUSTER_ID not set - If using multiple nodes then you must use the same Cluster ID for each one" - KAFKA_KRAFT_CLUSTER_ID="$("${KAFKA_HOME}/bin/kafka-storage.sh" random-uuid)" - info "Generated Kafka cluster ID '${KAFKA_KRAFT_CLUSTER_ID}'" - fi - args+=("--cluster-id" "$KAFKA_KRAFT_CLUSTER_ID") - - # SCRAM users are configured during the cluster bootstrapping process and can later be manually updated using kafka-config.sh - if is_boolean_yes "${KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS:-}"; then - info "Adding KRaft SCRAM users at storage bootstrap" - read -r -a users <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_USERS}")" - read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS}")" - # Configure SCRAM-SHA-256 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-256=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Configure SCRAM-SHA-512 if enabled - if grep -Eq "^sasl.enabled.mechanisms=.*SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - for ((i = 0; i < ${#users[@]}; i++)); do - args+=("--add-scram" "SCRAM-SHA-512=[name=${users[i]},password=${passwords[i]}]") - done - fi - # Add interbroker credentials - if grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.inter.broker.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_INTER_BROKER_USER},password=${KAFKA_INTER_BROKER_PASSWORD}]") - fi - # Add controller credentials - if grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-256" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-256=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - elif grep -Eq "^sasl.mechanism.controller.protocol=SCRAM-SHA-512" "$KAFKA_CONF_FILE"; then - args+=("--add-scram" "SCRAM-SHA-512=[name=${KAFKA_CONTROLLER_USER},password=${KAFKA_CONTROLLER_PASSWORD}]") - fi - fi - info "Formatting storage directories to add metadata..." - "${KAFKA_HOME}/bin/kafka-storage.sh" format "${args[@]}" -} - -######################## -# Detects inconsitences between the configuration at KAFKA_CONF_FILE and cluster-state file -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_kraft_quorum_voters_changed(){ - read -r -a quorum_voters_conf_ids <<<"$(grep "^controller.quorum.voters=" "$KAFKA_CONF_FILE" | sed "s/^controller.quorum.voters=//" | tr "," " " | sed -E "s/\@\S+//g")" - read -r -a quorum_voters_state_ids <<< "$(grep -Eo "\{\"voterId\":[0-9]+\}" "${KAFKA_DATA_DIR}/__cluster_metadata-0/quorum-state" | grep -Eo "[0-9]+" | tr "\n" " ")" - - if [[ "${#quorum_voters_conf_ids[@]}" != "${#quorum_voters_state_ids[@]}" ]]; then - true - else - read -r -a sorted_state <<< "$(echo "${quorum_voters_conf_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - read -r -a sorted_conf <<< "$(echo "${quorum_voters_state_ids[@]}" | tr ' ' '\n' | sort | tr '\n' ' ')" - if [[ "${sorted_state[*]}" = "${sorted_conf[*]}" ]]; then - false - else - true - fi - fi -} - -######################## -# Initialize Kafka -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_initialize() { - info "Initializing Kafka..." - # Check for mounted configuration files - if ! is_dir_empty "$KAFKA_MOUNTED_CONF_DIR"; then - cp -Lr "$KAFKA_MOUNTED_CONF_DIR"/* "$KAFKA_CONF_DIR" - fi - # Copy truststore to cert directory - for cert_var in KAFKA_TLS_TRUSTSTORE_FILE KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_FILE; do - # Only copy if the file exists and it is in a different location than KAFKA_CERTS_DIR (to avoid copying to the same location) - if [[ -f "${!cert_var}" ]] && ! [[ "${!cert_var}" =~ $KAFKA_CERTS_DIR ]]; then - info "Copying truststore ${!cert_var} to ${KAFKA_CERTS_DIR}" - cp -L "${!cert_var}" "$KAFKA_CERTS_DIR" - fi - done - - if [[ ! -f "${KAFKA_MOUNTED_CONF_DIR}/server.properties" ]]; then - info "No injected configuration files found, creating default config files" - # Restore original server.properties but remove Zookeeper/KRaft specific settings for compatibility with both architectures - cp "${KAFKA_CONF_DIR}/server.properties.original" "$KAFKA_CONF_FILE" - kafka_server_unify_conf - # Configure Kafka settings - kafka_server_conf_set log.dirs "$KAFKA_DATA_DIR" - kafka_configure_from_environment_variables - # Configure Kafka producer/consumer to set up message sizes - ! is_empty_value "${KAFKA_CFG_MAX_REQUEST_SIZE:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/producer.properties" max.request.size "$KAFKA_CFG_MAX_REQUEST_SIZE" - ! is_empty_value "${KAFKA_CFG_MAX_PARTITION_FETCH_BYTES:-}" && kafka_common_conf_set "$KAFKA_CONF_DIR/consumer.properties" max.partition.fetch.bytes "$KAFKA_CFG_MAX_PARTITION_FETCH_BYTES" - # Zookeeper mode additional settings - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SSL ]]; then - kafka_zookeeper_configure_tls - fi - if [[ "$KAFKA_ZOOKEEPER_PROTOCOL" =~ SASL ]]; then - kafka_zookeeper_configure_jaas - fi - fi - # If at least one listener uses SSL or SASL_SSL, ensure SSL is configured - if kafka_has_ssl_listener; then - kafka_configure_ssl - fi - # If at least one listener uses SASL_PLAINTEXT or SASL_SSL, ensure SASL is configured - if kafka_has_sasl_listener; then - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM ]]; then - if ! is_empty_value "${KAFKA_CFG_PROCESS_ROLES:-}"; then - if [[ "$(kafka_get_version)" =~ ^3\.2\.|^3\.3\.|^3\.4\. ]]; then - # NOTE: This will depend on Kafka version when support for SCRAM is added - warn "KRaft mode requires Kafka version 3.5 or higher for SCRAM to be supported. SCRAM SASL mechanisms will now be disabled." - KAFKA_CFG_SASL_ENABLED_MECHANISMS=PLAIN - else - export KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - if ! is_empty_value "${KAFKA_CFG_ZOOKEEPER_CONNECT:-}"; then - export KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS="true" - fi - fi - kafka_server_conf_set sasl.enabled.mechanisms "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" - fi - # Settings for each Kafka Listener are configured individually - read -r -a protocol_maps <<<"$(tr ',' ' ' <<<"$KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP")" - for protocol_map in "${protocol_maps[@]}"; do - read -r -a map <<<"$(tr ':' ' ' <<<"$protocol_map")" - # Obtain the listener and protocol from protocol map string, e.g. CONTROLLER:PLAINTEXT - listener="${map[0]}" - protocol="${map[1]}" - listener_lower="$(echo "$listener" | tr '[:upper:]' '[:lower:]')" - - if [[ "$protocol" = "SSL" || "$protocol" = "SASL_SSL" ]]; then - listener_upper="$(echo "$listener" | tr '[:lower:]' '[:upper:]')" - env_name="KAFKA_TLS_${listener_upper}_CLIENT_AUTH" - [[ -n "${!env_name:-}" ]] && kafka_server_conf_set "listener.name.${listener_lower}.ssl.client.auth" "${!env_name}" - fi - if [[ "$protocol" = "SASL_PLAINTEXT" || "$protocol" = "SASL_SSL" ]]; then - local role="" - if [[ "$listener" = "${KAFKA_CFG_INTER_BROKER_LISTENER_NAME:-INTERNAL}" ]]; then - kafka_server_conf_set sasl.mechanism.inter.broker.protocol "$KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL" - role="inter-broker" - elif [[ "${KAFKA_CFG_CONTROLLER_LISTENER_NAMES:-CONTROLLER}" =~ $listener ]]; then - kafka_server_conf_set sasl.mechanism.controller.protocol "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - kafka_server_conf_set "listener.name.${listener_lower}.sasl.enabled.mechanisms" "$KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL" - role="controller" - fi - # If KAFKA_CLIENT_LISTENER_NAME is found in the listeners list, configure the producer/consumer accordingly - if [[ "$listener" = "${KAFKA_CLIENT_LISTENER_NAME:-CLIENT}" ]]; then - kafka_configure_consumer_producer_jaas - kafka_producer_consumer_conf_set security.protocol "$protocol" - kafka_producer_consumer_conf_set sasl.mechanism "${KAFKA_CLIENT_SASL_MECHANISM:-$(kafka_client_sasl_mechanism)}" - fi - kafka_configure_server_jaas "$listener_lower" "${role:-}" - fi - done - else - info "Detected mounted server.properties file at ${KAFKA_MOUNTED_CONF_DIR}/server.properties. Skipping configuration based on env variables" - fi - true -} - -######################## -# Returns the most secure SASL mechanism available for Kafka clients -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_client_sasl_mechanism() { - local sasl_mechanism="" - - if [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-512 ]]; then - sasl_mechanism="SCRAM-SHA-512" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ SCRAM-SHA-256 ]]; then - sasl_mechanism="SCRAM-SHA-256" - elif [[ "$KAFKA_CFG_SASL_ENABLED_MECHANISMS" =~ PLAIN ]]; then - sasl_mechanism="PLAIN" - fi - echo "$sasl_mechanism" -} - -######################## -# Removes default settings referencing Zookeeper mode or KRaft mode -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################## -kafka_server_unify_conf() { - local -r remove_regexps=( - #Zookeeper - "s/^zookeeper\./#zookeeper./g" - "s/^group\.initial/#group.initial/g" - "s/^broker\./#broker./g" - "s/^node\./#node./g" - "s/^process\./#process./g" - "s/^listeners=/#listeners=/g" - "s/^listener\./#listener./g" - "s/^controller\./#controller./g" - "s/^inter\.broker/#inter.broker/g" - "s/^advertised\.listeners/#advertised.listeners/g" - ) - - # Map environment variables to config properties - for regex in "${remove_regexps[@]}"; do - sed -i "${regex}" "$KAFKA_CONF_FILE" - done -} - -######################## -# Dinamically set node.id/broker.id/controller.quorum.voters if their alternative environment variable _COMMAND is set -# Globals: -# KAFKA_*_COMMAND -# Arguments: -# None -# Returns: -# None -######################### -kafka_dynamic_environment_variables() { - # KRaft mode - if ! is_empty_value "${KAFKA_NODE_ID_COMMAND:-}"; then - KAFKA_CFG_NODE_ID="$(eval "${KAFKA_NODE_ID_COMMAND}")" - export KAFKA_CFG_NODE_ID - fi - if ! is_empty_value "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND:-}"; then - KAFKA_CFG_CONTROLLER_QUORUM_VOTERS="$(eval "${KAFKA_CONTROLLER_QUORUM_VOTERS_COMMAND}")" - export KAFKA_CFG_CONTROLLER_QUORUM_VOTERS - fi - # Zookeeper mode - # DEPRECATED - BROKER_ID_COMMAND has been deprecated, please use KAFKA_BROKER_ID_COMMAND instead - if ! is_empty_value "${KAFKA_BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${KAFKA_BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - elif ! is_empty_value "${BROKER_ID_COMMAND:-}"; then - KAFKA_CFG_BROKER_ID="$(eval "${BROKER_ID_COMMAND}")" - export KAFKA_CFG_BROKER_ID - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KAFKA_* -# Arguments: -# None -# Returns: -# None -######################### -kafka_custom_init_scripts() { - if [[ -n $(find "${KAFKA_INITSCRIPTS_DIR}/" -type f -regex ".*\.\(sh\)") ]] && [[ ! -f "${KAFKA_VOLUME_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from $KAFKA_INITSCRIPTS_DIR" - for f in /docker-entrypoint-initdb.d/*; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$KAFKA_VOLUME_DIR"/.user_scripts_initialized - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is running -######################## -is_kafka_running() { - local pid - pid="$(get_pid_from_file "$KAFKA_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Kafka is running -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# Whether Kafka is not running -######################## -is_kafka_not_running() { - ! is_kafka_running -} - -######################## -# Stop Kafka -# Globals: -# KAFKA_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -kafka_stop() { - ! is_kafka_running && return - stop_service_using_pid "$KAFKA_PID_FILE" TERM -} diff --git a/bitnami/kafka/3.6/debian-11/tags-info.yaml b/bitnami/kafka/3.6/debian-11/tags-info.yaml deleted file mode 100644 index 3ec1994d566d..000000000000 --- a/bitnami/kafka/3.6/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3.6" -- 3.6-debian-11 -- 3.6.1 -- latest diff --git a/bitnami/kaniko/1/debian-11/Dockerfile b/bitnami/kaniko/1/debian-11/Dockerfile deleted file mode 100644 index 3d1318b52b15..000000000000 --- a/bitnami/kaniko/1/debian-11/Dockerfile +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV HOME="/root" \ - OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kaniko-1.20.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -RUN mkdir -p /out/kaniko/.docker /out/etc && cp /opt/bitnami/kaniko/bin/* /out/kaniko && cp /opt/bitnami/kaniko/nsswitch/nsswitch.conf /out/etc && chmod 775 /out/kaniko - -###### - -FROM scratch - -ARG TARGETARCH - -ENV HOME="/root" \ - OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-20T06:39:33Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.20.1-debian-11-r1" \ - org.opencontainers.image.title="kaniko" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.20.1" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /out / - -ENV APP_VERSION="1.20.1" \ - BITNAMI_APP_NAME="kaniko" \ - DOCKER_CONFIG="/kaniko/.docker" \ - DOCKER_CREDENTIAL_GCR_CONFIG="/kaniko/.config/gcloud/docker_credential_gcr_config.json" \ - PATH="/kaniko" \ - SSL_CERT_DIR="/etc/ssl/certs/" \ - USER="root" - -WORKDIR /workspace - -ENTRYPOINT [ "/kaniko/executor" ] diff --git a/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6402514665f7..000000000000 --- a/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kaniko": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.20.1-1" - } -} \ No newline at end of file diff --git a/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kaniko/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kaniko/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kaniko/1/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/kaniko/1/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/kaniko/1/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/kaniko/1/debian-11/tags-info.yaml b/bitnami/kaniko/1/debian-11/tags-info.yaml deleted file mode 100644 index 176d4f6d745f..000000000000 --- a/bitnami/kaniko/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.20.1 -- latest diff --git a/bitnami/keycloak-config-cli/5/debian-11/Dockerfile b/bitnami/keycloak-config-cli/5/debian-11/Dockerfile deleted file mode 100644 index 08829ce9ce40..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:47:50Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.10.0-debian-11-r23" \ - org.opencontainers.image.title="keycloak-config-cli" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.10.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "keycloak-config-cli-5.10.0-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -sf /opt/bitnami/keycloak-config-cli/keycloak-config-cli.jar /opt/keycloak-config-cli.jar - -ENV APP_VERSION="5.10.0" \ - BITNAMI_APP_NAME="keycloak-config-cli" \ - PATH="/opt/bitnami/java/bin:$PATH" - -WORKDIR /opt/bitnami/keycloak-config-cli -USER 1001 -ENTRYPOINT [ "java", "-jar", "./keycloak-config-cli.jar" ] diff --git a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index bc031a7b7118..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "keycloak-config-cli": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.10.0-2" - } -} \ No newline at end of file diff --git a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/keycloak-config-cli/5/debian-11/tags-info.yaml b/bitnami/keycloak-config-cli/5/debian-11/tags-info.yaml deleted file mode 100644 index 1f10e7482931..000000000000 --- a/bitnami/keycloak-config-cli/5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "5" -- 5-debian-11 -- 5.10.0 -- latest diff --git a/bitnami/keycloak/23/debian-11/Dockerfile b/bitnami/keycloak/23/debian-11/Dockerfile deleted file mode 100644 index 9f333732c18b..000000000000 --- a/bitnami/keycloak/23/debian-11/Dockerfile +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:54:48Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="23.0.6-debian-11-r19" \ - org.opencontainers.image.title="keycloak" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="23.0.6" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl krb5-user libaio1 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "keycloak-23.0.6-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/keycloak/postunpack.sh -ENV APP_VERSION="23.0.6" \ - BITNAMI_APP_NAME="keycloak" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/keycloak/bin:$PATH" - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/keycloak/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/keycloak/run.sh" ] diff --git a/bitnami/keycloak/23/debian-11/docker-compose.yml b/bitnami/keycloak/23/debian-11/docker-compose.yml deleted file mode 100644 index e592a484c9b2..000000000000 --- a/bitnami/keycloak/23/debian-11/docker-compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:15 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - POSTGRESQL_USERNAME=bn_keycloak - - POSTGRESQL_DATABASE=bitnami_keycloak - volumes: - - 'postgresql_data:/bitnami/postgresql' - - keycloak: - image: docker.io/bitnami/keycloak:23 - depends_on: - - postgresql - ports: - - "80:8080" - -volumes: - postgresql_data: - driver: local diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 517d03ffdf2f..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "keycloak": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "23.0.6-1" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/keycloak/23/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak-env.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak-env.sh deleted file mode 100644 index 6bf20238bcb7..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak-env.sh +++ /dev/null @@ -1,179 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for keycloak - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-keycloak}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -keycloak_env_vars=( - KEYCLOAK_MOUNTED_CONF_DIR - KEYCLOAK_ADMIN - KEYCLOAK_ADMIN_PASSWORD - KEYCLOAK_HTTP_RELATIVE_PATH - KEYCLOAK_HTTP_PORT - KEYCLOAK_HTTPS_PORT - KEYCLOAK_BIND_ADDRESS - KEYCLOAK_HOSTNAME - KEYCLOAK_INIT_MAX_RETRIES - KEYCLOAK_CACHE_TYPE - KEYCLOAK_CACHE_STACK - KEYCLOAK_EXTRA_ARGS - KEYCLOAK_ENABLE_STATISTICS - KEYCLOAK_ENABLE_HEALTH_ENDPOINTS - KEYCLOAK_ENABLE_HTTPS - KEYCLOAK_HTTPS_TRUST_STORE_FILE - KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD - KEYCLOAK_HTTPS_KEY_STORE_FILE - KEYCLOAK_HTTPS_KEY_STORE_PASSWORD - KEYCLOAK_HTTPS_USE_PEM - KEYCLOAK_HTTPS_CERTIFICATE_FILE - KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE - KEYCLOAK_SPI_TRUSTSTORE_FILE - KEYCLOAK_SPI_TRUSTSTORE_PASSWORD - KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY - KEYCLOAK_LOG_LEVEL - KEYCLOAK_LOG_OUTPUT - KEYCLOAK_ROOT_LOG_LEVEL - KEYCLOAK_PROXY - KEYCLOAK_PRODUCTION - KEYCLOAK_EXTRA_ARGS_PREPENDED - KEYCLOAK_DATABASE_VENDOR - KEYCLOAK_DATABASE_HOST - KEYCLOAK_DATABASE_PORT - KEYCLOAK_DATABASE_USER - KEYCLOAK_DATABASE_NAME - KEYCLOAK_DATABASE_PASSWORD - KEYCLOAK_DATABASE_SCHEMA - KEYCLOAK_JDBC_PARAMS - KEYCLOAK_DAEMON_USER - KEYCLOAK_DAEMON_GROUP - KEYCLOAK_ADMIN_USER - KC_HOSTNAME - KC_HTTPS_TRUST_STORE_FILE - KC_HTTPS_TRUST_STORE_PASSWORD - KC_HTTPS_KEY_STORE_FILE - KC_HTTPS_KEY_STORE_PASSWORD - KC_HTTPS_CERTIFICATE_FILE - KC_HTTPS_CERTIFICATE_KEY_FILE - KC_SPI_TRUSTSTORE_FILE_FILE - KC_SPI_TRUSTSTORE_PASSWORD - KC_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY - DB_ADDR - DB_PORT - DB_USER - DB_DATABASE - DB_PASSWORD - DB_SCHEMA - JDBC_PARAMS -) -for env_var in "${keycloak_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset keycloak_env_vars - -# Paths -export BITNAMI_VOLUME_DIR="/bitnami" -export JAVA_HOME="/opt/bitnami/java" -export KEYCLOAK_BASE_DIR="/opt/bitnami/keycloak" -export KEYCLOAK_BIN_DIR="$KEYCLOAK_BASE_DIR/bin" -export KEYCLOAK_PROVIDERS_DIR="$KEYCLOAK_BASE_DIR/providers" -export KEYCLOAK_LOG_DIR="$KEYCLOAK_PROVIDERS_DIR/log" -export KEYCLOAK_TMP_DIR="$KEYCLOAK_PROVIDERS_DIR/tmp" -export KEYCLOAK_DOMAIN_TMP_DIR="$KEYCLOAK_BASE_DIR/domain/tmp" -export WILDFLY_BASE_DIR="/opt/bitnami/wildfly" -export KEYCLOAK_VOLUME_DIR="/bitnami/keycloak" -export KEYCLOAK_CONF_DIR="$KEYCLOAK_BASE_DIR/conf" -export KEYCLOAK_MOUNTED_CONF_DIR="${KEYCLOAK_MOUNTED_CONF_DIR:-${KEYCLOAK_VOLUME_DIR}/conf}" -export KEYCLOAK_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KEYCLOAK_CONF_FILE="keycloak.conf" -export KEYCLOAK_DEFAULT_CONF_FILE="keycloak.conf" - -# Keycloak configuration -KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN:-"${KEYCLOAK_ADMIN_USER:-}"}" -export KEYCLOAK_ADMIN="${KEYCLOAK_ADMIN:-user}" -export KEYCLOAK_ADMIN_PASSWORD="${KEYCLOAK_ADMIN_PASSWORD:-bitnami}" -export KEYCLOAK_HTTP_RELATIVE_PATH="${KEYCLOAK_HTTP_RELATIVE_PATH:-/}" -export KEYCLOAK_HTTP_PORT="${KEYCLOAK_HTTP_PORT:-8080}" -export KEYCLOAK_HTTPS_PORT="${KEYCLOAK_HTTPS_PORT:-8443}" -export KEYCLOAK_BIND_ADDRESS="${KEYCLOAK_BIND_ADDRESS:-$(hostname --fqdn)}" -KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-"${KC_HOSTNAME:-}"}" -export KEYCLOAK_HOSTNAME="${KEYCLOAK_HOSTNAME:-}" -export KEYCLOAK_INIT_MAX_RETRIES="${KEYCLOAK_INIT_MAX_RETRIES:-10}" -export KEYCLOAK_CACHE_TYPE="${KEYCLOAK_CACHE_TYPE:-ispn}" -export KEYCLOAK_CACHE_STACK="${KEYCLOAK_CACHE_STACK:-}" -export KEYCLOAK_EXTRA_ARGS="${KEYCLOAK_EXTRA_ARGS:-}" -export KEYCLOAK_ENABLE_STATISTICS="${KEYCLOAK_ENABLE_STATISTICS:-false}" -export KEYCLOAK_ENABLE_HEALTH_ENDPOINTS="${KEYCLOAK_ENABLE_HEALTH_ENDPOINTS:-false}" -export KEYCLOAK_ENABLE_HTTPS="${KEYCLOAK_ENABLE_HTTPS:-false}" -KEYCLOAK_HTTPS_TRUST_STORE_FILE="${KEYCLOAK_HTTPS_TRUST_STORE_FILE:-"${KC_HTTPS_TRUST_STORE_FILE:-}"}" -export KEYCLOAK_HTTPS_TRUST_STORE_FILE="${KEYCLOAK_HTTPS_TRUST_STORE_FILE:-}" -KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD="${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD:-"${KC_HTTPS_TRUST_STORE_PASSWORD:-}"}" -export KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD="${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD:-}" -KEYCLOAK_HTTPS_KEY_STORE_FILE="${KEYCLOAK_HTTPS_KEY_STORE_FILE:-"${KC_HTTPS_KEY_STORE_FILE:-}"}" -export KEYCLOAK_HTTPS_KEY_STORE_FILE="${KEYCLOAK_HTTPS_KEY_STORE_FILE:-}" -KEYCLOAK_HTTPS_KEY_STORE_PASSWORD="${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD:-"${KC_HTTPS_KEY_STORE_PASSWORD:-}"}" -export KEYCLOAK_HTTPS_KEY_STORE_PASSWORD="${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD:-}" -export KEYCLOAK_HTTPS_USE_PEM="${KEYCLOAK_HTTPS_USE_PEM:-false}" -KEYCLOAK_HTTPS_CERTIFICATE_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_FILE:-"${KC_HTTPS_CERTIFICATE_FILE:-}"}" -export KEYCLOAK_HTTPS_CERTIFICATE_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_FILE:-}" -KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE:-"${KC_HTTPS_CERTIFICATE_KEY_FILE:-}"}" -export KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE:-}" -KEYCLOAK_SPI_TRUSTSTORE_FILE="${KEYCLOAK_SPI_TRUSTSTORE_FILE:-"${KC_SPI_TRUSTSTORE_FILE_FILE:-}"}" -export KEYCLOAK_SPI_TRUSTSTORE_FILE="${KEYCLOAK_SPI_TRUSTSTORE_FILE:-}" -KEYCLOAK_SPI_TRUSTSTORE_PASSWORD="${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD:-"${KC_SPI_TRUSTSTORE_PASSWORD:-}"}" -export KEYCLOAK_SPI_TRUSTSTORE_PASSWORD="${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD:-}" -KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY="${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-"${KC_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-}"}" -export KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY="${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-}" -export KEYCLOAK_LOG_LEVEL="${KEYCLOAK_LOG_LEVEL:-info}" -export KEYCLOAK_LOG_OUTPUT="${KEYCLOAK_LOG_OUTPUT:-default}" -export KEYCLOAK_ROOT_LOG_LEVEL="${KEYCLOAK_ROOT_LOG_LEVEL:-INFO}" -export KEYCLOAK_PROXY="${KEYCLOAK_PROXY:-passthrough}" -export KEYCLOAK_PRODUCTION="${KEYCLOAK_PRODUCTION:-false}" -export KEYCLOAK_EXTRA_ARGS_PREPENDED="${KEYCLOAK_EXTRA_ARGS_PREPENDED:-}" -export KEYCLOAK_DATABASE_VENDOR="${KEYCLOAK_DATABASE_VENDOR:-postgresql}" -KEYCLOAK_DATABASE_HOST="${KEYCLOAK_DATABASE_HOST:-"${DB_ADDR:-}"}" -export KEYCLOAK_DATABASE_HOST="${KEYCLOAK_DATABASE_HOST:-postgresql}" -KEYCLOAK_DATABASE_PORT="${KEYCLOAK_DATABASE_PORT:-"${DB_PORT:-}"}" -export KEYCLOAK_DATABASE_PORT="${KEYCLOAK_DATABASE_PORT:-5432}" -KEYCLOAK_DATABASE_USER="${KEYCLOAK_DATABASE_USER:-"${DB_USER:-}"}" -export KEYCLOAK_DATABASE_USER="${KEYCLOAK_DATABASE_USER:-bn_keycloak}" -KEYCLOAK_DATABASE_NAME="${KEYCLOAK_DATABASE_NAME:-"${DB_DATABASE:-}"}" -export KEYCLOAK_DATABASE_NAME="${KEYCLOAK_DATABASE_NAME:-bitnami_keycloak}" -KEYCLOAK_DATABASE_PASSWORD="${KEYCLOAK_DATABASE_PASSWORD:-"${DB_PASSWORD:-}"}" -export KEYCLOAK_DATABASE_PASSWORD="${KEYCLOAK_DATABASE_PASSWORD:-}" -KEYCLOAK_DATABASE_SCHEMA="${KEYCLOAK_DATABASE_SCHEMA:-"${DB_SCHEMA:-}"}" -export KEYCLOAK_DATABASE_SCHEMA="${KEYCLOAK_DATABASE_SCHEMA:-public}" -KEYCLOAK_JDBC_PARAMS="${KEYCLOAK_JDBC_PARAMS:-"${JDBC_PARAMS:-}"}" -export KEYCLOAK_JDBC_PARAMS="${KEYCLOAK_JDBC_PARAMS:-}" - -# System users (when running with a privileged user) -export KEYCLOAK_DAEMON_USER="${KEYCLOAK_DAEMON_USER:-keycloak}" -export KEYCLOAK_DAEMON_GROUP="${KEYCLOAK_DAEMON_GROUP:-keycloak}" - -# Custom environment variables may be defined below diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/entrypoint.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/entrypoint.sh deleted file mode 100755 index 61a78ef118a9..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libkeycloak.sh - -# Load keycloak environment variables -. /opt/bitnami/scripts/keycloak-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/keycloak/run.sh"* ]]; then - info "** Starting keycloak setup **" - /opt/bitnami/scripts/keycloak/setup.sh - info "** keycloak setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/postunpack.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/postunpack.sh deleted file mode 100755 index f9af15768fff..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/postunpack.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkeycloak.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load keycloak environment variables -. /opt/bitnami/scripts/keycloak-env.sh - -ensure_user_exists "$KEYCLOAK_ADMIN" -ensure_user_exists "$KEYCLOAK_DAEMON_USER" --group "$KEYCLOAK_DAEMON_GROUP" - -for dir in "$KEYCLOAK_LOG_DIR" "$KEYCLOAK_TMP_DIR" "$KEYCLOAK_VOLUME_DIR" "$KEYCLOAK_CONF_DIR" "$KEYCLOAK_INITSCRIPTS_DIR" "${KEYCLOAK_BASE_DIR}/.installation" "${KEYCLOAK_BASE_DIR}/data" "${KEYCLOAK_BASE_DIR}/lib" "$KEYCLOAK_BASE_DIR" "$KEYCLOAK_PROVIDERS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" - chown -R "$KEYCLOAK_DAEMON_USER" "$dir" -done diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/run.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/run.sh deleted file mode 100755 index a77f56e10320..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/run.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libkeycloak.sh -. /opt/bitnami/scripts/libos.sh - -# Load keycloak environment variables -. /opt/bitnami/scripts/keycloak-env.sh - -info "** Starting keycloak **" -# Use only basename -conf_file="${KEYCLOAK_CONF_DIR}/${KEYCLOAK_CONF_FILE}" - -is_boolean_yes "$KEYCLOAK_PRODUCTION" && start_param="start" || start_param="start-dev" - -start_command=("${KEYCLOAK_BIN_DIR}/kc.sh" "-cf" "$conf_file") - -# Prepend extra args -if [[ -n "$KEYCLOAK_EXTRA_ARGS_PREPENDED" ]]; then - read -r -a extra_args_prepended <<<"$KEYCLOAK_EXTRA_ARGS_PREPENDED" - start_command+=("${extra_args_prepended[@]}") -fi - -start_command+=("$start_param") - -# Add extra args -if [[ -n "$KEYCLOAK_EXTRA_ARGS" ]]; then - read -r -a extra_args <<<"$KEYCLOAK_EXTRA_ARGS" - start_command+=("${extra_args[@]}") -fi - -if am_i_root; then - exec_as_user "$KEYCLOAK_DAEMON_USER" /bin/bash -c "${start_command[*]}" -else - exec /bin/bash -c "${start_command[*]}" -fi diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/setup.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/setup.sh deleted file mode 100755 index ff583c1cce11..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/keycloak/setup.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libkeycloak.sh - -# Load keycloak environment variables -. /opt/bitnami/scripts/keycloak-env.sh - -# Ensure keycloak environment variables are valid -keycloak_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KEYCLOAK_DAEMON_USER" --group "$KEYCLOAK_DAEMON_GROUP" - -# Ensure keycloak is initialized -keycloak_initialize - -# keycloak init scripts -keycloak_custom_init_scripts diff --git a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/libkeycloak.sh b/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/libkeycloak.sh deleted file mode 100644 index 3ff54a241134..000000000000 --- a/bitnami/keycloak/23/debian-11/rootfs/opt/bitnami/scripts/libkeycloak.sh +++ /dev/null @@ -1,362 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Keycloak library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in KEYCLOAK_* env. variables -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_validate() { - info "Validating settings in KEYCLOAK_* env vars..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - if is_boolean_yes "$KEYCLOAK_PRODUCTION"; then - if [[ "$KEYCLOAK_PROXY" == "edge" ]]; then - # https://www.keycloak.org/server/reverseproxy - if is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then - print_validation_error "TLS and proxy=edge are not compatible. Please set the KEYCLOAK_ENABLE_HTTPS variable to false when using KEYCLOAK_PROXY=edge. Review # https://www.keycloak.org/server/reverseproxy for more information about proxy settings." - fi - elif ! is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then - # keycloak proxy passthrough/reencrypt requires tls - print_validation_error "You need to have TLS enabled. Please set the KEYCLOAK_ENABLE_HTTPS variable to true" - fi - fi - - if is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then - if is_boolean_yes "$KEYCLOAK_HTTPS_USE_PEM"; then - if is_empty_value "$KEYCLOAK_HTTPS_CERTIFICATE_FILE"; then - print_validation_error "Path to the TLS certificate not defined. Please set the KEYCLOAK_HTTPS_CERTIFICATE_FILE variable to the mounted PEM certificate" - fi - if is_empty_value "$KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE"; then - print_validation_error "Path to the TLS key not defined. Please set the KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE variable to the mounted PEM key" - fi - else - if is_empty_value "$KEYCLOAK_HTTPS_TRUST_STORE_FILE"; then - print_validation_error "Path to the TLS truststore file not defined. Please set the KEYCLOAK_HTTPS_TRUST_STORE_FILE variable to the mounted truststore" - fi - if is_empty_value "$KEYCLOAK_HTTPS_KEY_STORE_FILE"; then - print_validation_error "Path to the TLS keystore file not defined. Please set the KEYCLOAK_HTTPS_KEY_STORE_FILE variable to the mounted keystore" - fi - fi - fi - - if ! validate_ip "${KEYCLOAK_BIND_ADDRESS}"; then - if ! is_hostname_resolved "${KEYCLOAK_BIND_ADDRESS}"; then - print_validation_error print_validation_error "The value for KEYCLOAK_BIND_ADDRESS ($KEYCLOAK_BIND_ADDRESS) should be an IPv4 or IPv6 address, or it must be a resolvable hostname" - fi - fi - - if [[ "$KEYCLOAK_HTTP_PORT" -eq "$KEYCLOAK_HTTPS_PORT" ]]; then - print_validation_error "KEYCLOAK_HTTP_PORT and KEYCLOAK_HTTPS_PORT are bound to the same port!" - fi - check_allowed_port KEYCLOAK_HTTP_PORT - check_allowed_port KEYCLOAK_HTTPS_PORT - - for var in KEYCLOAK_ENABLE_HTTPS KEYCLOAK_ENABLE_STATISTICS KEYCLOAK_ENABLE_HEALTH_ENDPOINTS; do - if ! is_true_false_value "${!var}"; then - print_validation_error "The allowed values for $var are [true, false]" - fi - done - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Add or modify an entry in the Discourse configuration file -# Globals: -# KEYCLOAK_* -# Arguments: -# $1 - Variable name -# $2 - Value to assign to the variable -# Returns: -# None -######################### -keycloak_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:-}" - # Redact sensitive values before outputting to debug log - local redacted_value="${value}" - if [[ "${key}" =~ ^(db|https-key-store|https-trust-store|spi-truststore-file)-password$ ]]; then - redacted_value="_redacted_" - fi - debug "Setting ${key} to '${redacted_value}' in Keycloak configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<<"$key")\s*=\s*(.*)" - local entry="${key} = ${value}" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "${KEYCLOAK_CONF_DIR}/${KEYCLOAK_CONF_FILE}"; then - # It exists, so replace the line - replace_in_file "${KEYCLOAK_CONF_DIR}/${KEYCLOAK_CONF_FILE}" "$sanitized_pattern" "$entry" - else - echo "$entry" >>"${KEYCLOAK_CONF_DIR}/${KEYCLOAK_CONF_FILE}" - fi -} - -######################## -# Configure database settings -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_database() { - local jdbc_params - jdbc_params="$(echo "$KEYCLOAK_JDBC_PARAMS" | sed -E '/^$|^\&.+$/!s/^/\&/;s/\&/\\&/g')" - - info "Configuring database settings" - if [[ "${KEYCLOAK_DATABASE_VENDOR}" == "postgresql" ]]; then - keycloak_conf_set "db" "postgres" - keycloak_conf_set "db-username" "$KEYCLOAK_DATABASE_USER" - keycloak_conf_set "db-password" "$KEYCLOAK_DATABASE_PASSWORD" - keycloak_conf_set "db-url" "jdbc:postgresql://${KEYCLOAK_DATABASE_HOST}:${KEYCLOAK_DATABASE_PORT}/${KEYCLOAK_DATABASE_NAME}?currentSchema=${KEYCLOAK_DATABASE_SCHEMA}${jdbc_params}" - else - keycloak_conf_set "db" "$KEYCLOAK_DATABASE_VENDOR" - fi -} - -######################## -# Configure cluster caching -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_cache() { - info "Configuring cache count" - ! is_empty_value "$KEYCLOAK_CACHE_STACK" && keycloak_conf_set "cache-stack" "${KEYCLOAK_CACHE_STACK}" - keycloak_conf_set "cache" "$KEYCLOAK_CACHE_TYPE" -} - -######################## -# Enable statistics -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_metrics() { - info "Enabling statistics" - keycloak_conf_set "metrics-enabled" "$KEYCLOAK_ENABLE_STATISTICS" -} - -######################## -# Enable health endpoints -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_health_endpoints() { - info "Enabling health endpoints" - keycloak_conf_set "health-enabled" "$KEYCLOAK_ENABLE_HEALTH_ENDPOINTS" -} - -######################## -# Configure hostname -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_hostname() { - info "Configuring hostname settings" - ! is_empty_value "$KEYCLOAK_HOSTNAME" && keycloak_conf_set "hostname" "${KEYCLOAK_HOSTNAME}" - keycloak_conf_set "hostname-strict" "false" -} - -######################## -# Configure http -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_http() { - info "Configuring http settings" - keycloak_conf_set "http-enabled" "true" - keycloak_conf_set "http-relative-path" "${KEYCLOAK_HTTP_RELATIVE_PATH}" - keycloak_conf_set "http-port" "${KEYCLOAK_HTTP_PORT}" - keycloak_conf_set "https-port" "${KEYCLOAK_HTTPS_PORT}" -} - -######################## -# Configure logging settings -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_loglevel() { - info "Configuring log level" - keycloak_conf_set "log-level" "${KEYCLOAK_LOG_LEVEL}" - keycloak_conf_set "log-console-output" "${KEYCLOAK_LOG_OUTPUT}" -} - -######################## -# Configure proxy settings using JBoss CLI -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_configure_proxy() { - info "Configuring proxy" - keycloak_conf_set "proxy" "${KEYCLOAK_PROXY}" -} - -######################## -# Configure HTTPS settings -# Globals: -# KEYCLOAK_* -# Arguments: -# Returns: -# None -######################### -keycloak_configure_https() { - info "Configuring Keycloak HTTPS settings" - if is_boolean_yes "$KEYCLOAK_HTTPS_USE_PEM"; then - keycloak_conf_set "https-certificate-file" "${KEYCLOAK_HTTPS_CERTIFICATE_FILE}" - keycloak_conf_set "https-certificate-key-file" "${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE}" - else - ! is_empty_value "$KEYCLOAK_HTTPS_KEY_STORE_PASSWORD" && keycloak_conf_set "https-key-store-password" "${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD}" - ! is_empty_value "$KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD" && keycloak_conf_set "https-trust-store-password" "${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD}" - keycloak_conf_set "https-key-store-file" "${KEYCLOAK_HTTPS_KEY_STORE_FILE}" - keycloak_conf_set "https-trust-store-file" "${KEYCLOAK_HTTPS_TRUST_STORE_FILE}" - fi -} - -######################## -# Configure SPI TLS settings -# Globals: -# KEYCLOAK_* -# Arguments: -# Returns: -# None -######################### -keycloak_configure_spi_tls() { - info "Configuring Keycloak SPI TLS settings" - ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_PASSWORD" && keycloak_conf_set "spi-truststore-file-password" "${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD}" - ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY" && keycloak_conf_set "spi-truststore-file-hostname-verification-policy" "${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY}" - keycloak_conf_set "spi-truststore-file-file" "${KEYCLOAK_SPI_TRUSTSTORE_FILE}" - -} - -######################## -# Initialize keycloak installation -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_initialize() { - # Clean to avoid issues when running docker restart - if [[ "${KEYCLOAK_DATABASE_VENDOR}" == "postgresql" ]]; then - # Wait for database - info "Trying to connect to PostgreSQL server $KEYCLOAK_DATABASE_HOST..." - if ! retry_while "wait-for-port --host $KEYCLOAK_DATABASE_HOST --timeout 10 $KEYCLOAK_DATABASE_PORT" "$KEYCLOAK_INIT_MAX_RETRIES"; then - error "Unable to connect to host $KEYCLOAK_DATABASE_HOST" - exit 1 - else - info "Found PostgreSQL server listening at $KEYCLOAK_DATABASE_HOST:$KEYCLOAK_DATABASE_PORT" - fi - - if ! is_dir_empty "$KEYCLOAK_MOUNTED_CONF_DIR"; then - cp -Lr "$KEYCLOAK_MOUNTED_CONF_DIR"/* "$KEYCLOAK_CONF_DIR" - fi - fi - keycloak_configure_database - keycloak_configure_metrics - keycloak_configure_health_endpoints - keycloak_configure_http - keycloak_configure_hostname - keycloak_configure_cache - keycloak_configure_loglevel - keycloak_configure_proxy - is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS" && keycloak_configure_https - ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE" && keycloak_configure_spi_tls - true -} - -######################## -# Run custom initialization scripts -# Globals: -# KEYCLOAK_* -# Arguments: -# None -# Returns: -# None -######################### -keycloak_custom_init_scripts() { - if [[ -n $(find "${KEYCLOAK_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]] && [[ ! -f "${KEYCLOAK_INITSCRIPTS_DIR}/.user_scripts_initialized" ]]; then - info "Loading user's custom files from ${KEYCLOAK_INITSCRIPTS_DIR} ..." - local -r tmp_file="/tmp/filelist" - find "${KEYCLOAK_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) debug "Ignoring $f" ;; - esac - done <$tmp_file - rm -f "$tmp_file" - touch "$KEYCLOAK_VOLUME_DIR"/.user_scripts_initialized - fi -} diff --git a/bitnami/keycloak/23/debian-11/tags-info.yaml b/bitnami/keycloak/23/debian-11/tags-info.yaml deleted file mode 100644 index 16f92474a022..000000000000 --- a/bitnami/keycloak/23/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "23" -- 23-debian-11 -- 23.0.6 -- latest diff --git a/bitnami/kiam/4/debian-11/Dockerfile b/bitnami/kiam/4/debian-11/Dockerfile deleted file mode 100644 index 6a151510713e..000000000000 --- a/bitnami/kiam/4/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T06:58:43Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.2.0-debian-11-r449" \ - org.opencontainers.image.title="kiam" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.2.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iptables procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kiam-4.2.0-174-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN update-alternatives --set iptables /usr/sbin/iptables-legacy && \ - update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy - -ENV APP_VERSION="4.2.0" \ - BITNAMI_APP_NAME="kiam" \ - PATH="/opt/bitnami/kiam/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kiam" ] -CMD [ "--help" ] diff --git a/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6911054d6c07..000000000000 --- a/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kiam": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.2.0-174" - } -} \ No newline at end of file diff --git a/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kiam/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kiam/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kiam/4/debian-11/tags-info.yaml b/bitnami/kiam/4/debian-11/tags-info.yaml deleted file mode 100644 index 1273a5b0bdff..000000000000 --- a/bitnami/kiam/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.2.0 -- latest diff --git a/bitnami/kibana/7/debian-11/Dockerfile b/bitnami/kibana/7/debian-11/Dockerfile deleted file mode 100644 index 2c57f8098366..000000000000 --- a/bitnami/kibana/7/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:03:45Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.17.18-debian-11-r20" \ - org.opencontainers.image.title="kibana" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.17.18" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/kibana/bin:$PATH" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libexpat1 libgcc-s1 libnss3 libstdc++6 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "kibana-7.17.18-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/kibana/postunpack.sh -ENV APP_VERSION="7.17.18" \ - BITNAMI_APP_NAME="kibana" - -EXPOSE 5601 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kibana/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kibana/run.sh" ] diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0961c589d41c..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "kibana": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.17.18-1" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kibana/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh deleted file mode 100644 index b77ffd7e476a..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh +++ /dev/null @@ -1,178 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kibana - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kibana}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kibana_env_vars=( - KIBANA_ELASTICSEARCH_URL - KIBANA_ELASTICSEARCH_PORT_NUMBER - KIBANA_HOST - KIBANA_PORT_NUMBER - KIBANA_WAIT_READY_MAX_RETRIES - KIBANA_INITSCRIPTS_START_SERVER - KIBANA_FORCE_INITSCRIPTS - KIBANA_DISABLE_STRICT_CSP - KIBANA_CERTS_DIR - KIBANA_SERVER_ENABLE_TLS - KIBANA_SERVER_KEYSTORE_LOCATION - KIBANA_SERVER_KEYSTORE_PASSWORD - KIBANA_SERVER_TLS_USE_PEM - KIBANA_SERVER_CERT_LOCATION - KIBANA_SERVER_KEY_LOCATION - KIBANA_SERVER_KEY_PASSWORD - KIBANA_PASSWORD - KIBANA_ELASTICSEARCH_ENABLE_TLS - KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE - KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION - KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD - KIBANA_ELASTICSEARCH_TLS_USE_PEM - KIBANA_ELASTICSEARCH_CA_CERT_LOCATION - KIBANA_DISABLE_STRICT_CSP - KIBANA_CREATE_USER - KIBANA_ELASTICSEARCH_PASSWORD - KIBANA_SERVER_PUBLICBASEURL - KIBANA_XPACK_SECURITY_ENCRYPTIONKEY - KIBANA_XPACK_REPORTING_ENCRYPTIONKEY - KIBANA_NEWSFEED_ENABLED - KIBANA_ELASTICSEARCH_REQUESTTIMEOUT - ELASTICSEARCH_URL - KIBANA_ELASTICSEARCH_PORT_NUMBER - KIBANA_ELASTICSEARCH_PORT - KIBANA_PORT_NUMBER - KIBANA_INITSCRIPTS_MAX_RETRIES -) -for env_var in "${kibana_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kibana_env_vars -export SERVER_FLAVOR="kibana" - -# Paths -export BITNAMI_VOLUME_DIR="/bitnami" -export KIBANA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/kibana" -export SERVER_VOLUME_DIR="$KIBANA_VOLUME_DIR" -export KIBANA_BASE_DIR="${BITNAMI_ROOT_DIR}/kibana" -export SERVER_BASE_DIR="$KIBANA_BASE_DIR" -export KIBANA_CONF_DIR="${SERVER_BASE_DIR}/config" -export SERVER_CONF_DIR="$KIBANA_CONF_DIR" -export KIBANA_LOGS_DIR="${SERVER_BASE_DIR}/logs" -export SERVER_LOGS_DIR="$KIBANA_LOGS_DIR" -export KIBANA_TMP_DIR="${SERVER_BASE_DIR}/tmp" -export SERVER_TMP_DIR="$KIBANA_TMP_DIR" -export KIBANA_BIN_DIR="${SERVER_BASE_DIR}/bin" -export SERVER_BIN_DIR="$KIBANA_BIN_DIR" -export KIBANA_PLUGINS_DIR="${SERVER_BASE_DIR}/plugins" -export SERVER_PLUGINS_DIR="$KIBANA_PLUGINS_DIR" -export KIBANA_DATA_DIR="${SERVER_VOLUME_DIR}/data" -export SERVER_DATA_DIR="$KIBANA_DATA_DIR" -export KIBANA_MOUNTED_CONF_DIR="${SERVER_VOLUME_DIR}/conf" -export SERVER_MOUNTED_CONF_DIR="$KIBANA_MOUNTED_CONF_DIR" -export KIBANA_CONF_FILE="${SERVER_CONF_DIR}/kibana.yml" -export SERVER_CONF_FILE="$KIBANA_CONF_FILE" -export KIBANA_LOG_FILE="${SERVER_LOGS_DIR}/kibana.log" -export SERVER_LOG_FILE="$KIBANA_LOG_FILE" -export KIBANA_PID_FILE="${SERVER_TMP_DIR}/kibana.pid" -export SERVER_PID_FILE="$KIBANA_PID_FILE" -export KIBANA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export SERVER_INITSCRIPTS_DIR="$KIBANA_INITSCRIPTS_DIR" - -# System users (when running with a privileged user) -export KIBANA_DAEMON_USER="kibana" -export SERVER_DAEMON_USER="$KIBANA_DAEMON_USER" -export KIBANA_DAEMON_GROUP="kibana" -export SERVER_DAEMON_GROUP="$KIBANA_DAEMON_GROUP" - -# Kibana configuration -KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-"${ELASTICSEARCH_URL:-}"}" -export KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-elasticsearch}" -export SERVER_DB_URL="$KIBANA_ELASTICSEARCH_URL" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT_NUMBER:-}"}" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT:-}"}" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_PORT_NUMBER:-}"}" -export KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-9200}" -export SERVER_DB_PORT_NUMBER="$KIBANA_ELASTICSEARCH_PORT_NUMBER" -export KIBANA_HOST="${KIBANA_HOST:-0.0.0.0}" -export SERVER_HOST="$KIBANA_HOST" -export KIBANA_PORT_NUMBER="${KIBANA_PORT_NUMBER:-5601}" -export SERVER_PORT_NUMBER="$KIBANA_PORT_NUMBER" -KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-"${KIBANA_INITSCRIPTS_MAX_RETRIES:-}"}" -export KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-30}" -export SERVER_WAIT_READY_MAX_RETRIES="$KIBANA_WAIT_READY_MAX_RETRIES" -export KIBANA_INITSCRIPTS_START_SERVER="${KIBANA_INITSCRIPTS_START_SERVER:-yes}" -export SERVER_INITSCRIPTS_START_SERVER="$KIBANA_INITSCRIPTS_START_SERVER" -export KIBANA_FORCE_INITSCRIPTS="${KIBANA_FORCE_INITSCRIPTS:-no}" -export SERVER_FORCE_INITSCRIPTS="$KIBANA_FORCE_INITSCRIPTS" -export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}" -export SERVER_DISABLE_STRICT_CSP="$KIBANA_DISABLE_STRICT_CSP" - -# Kibana server SSL/TLS configuration -export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${SERVER_CONF_DIR}/certs}" -export SERVER_CERTS_DIR="$KIBANA_CERTS_DIR" -export KIBANA_SERVER_ENABLE_TLS="${KIBANA_SERVER_ENABLE_TLS:-false}" -export SERVER_ENABLE_TLS="$KIBANA_SERVER_ENABLE_TLS" -export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${SERVER_CERTS_DIR}/server/kibana.keystore.p12}" -export SERVER_KEYSTORE_LOCATION="$KIBANA_SERVER_KEYSTORE_LOCATION" -export KIBANA_SERVER_KEYSTORE_PASSWORD="${KIBANA_SERVER_KEYSTORE_PASSWORD:-}" -export SERVER_KEYSTORE_PASSWORD="$KIBANA_SERVER_KEYSTORE_PASSWORD" -export KIBANA_SERVER_TLS_USE_PEM="${KIBANA_SERVER_TLS_USE_PEM:-false}" -export SERVER_TLS_USE_PEM="$KIBANA_SERVER_TLS_USE_PEM" -export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${SERVER_CERTS_DIR}/server/tls.crt}" -export SERVER_CERT_LOCATION="$KIBANA_SERVER_CERT_LOCATION" -export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${SERVER_CERTS_DIR}/server/tls.key}" -export SERVER_KEY_LOCATION="$KIBANA_SERVER_KEY_LOCATION" -export KIBANA_SERVER_KEY_PASSWORD="${KIBANA_SERVER_KEY_PASSWORD:-}" -export SERVER_KEY_PASSWORD="$KIBANA_SERVER_KEY_PASSWORD" - -# Elasticsearch Security configuration -export KIBANA_PASSWORD="${KIBANA_PASSWORD:-}" -export SERVER_PASSWORD="$KIBANA_PASSWORD" -export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}" -export SERVER_DB_ENABLE_TLS="$KIBANA_ELASTICSEARCH_ENABLE_TLS" -export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}" -export SERVER_DB_TLS_VERIFICATION_MODE="$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" -export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/elasticsearch.truststore.p12}" -export SERVER_DB_TRUSTSTORE_LOCATION="$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION" -export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}" -export SERVER_DB_TRUSTSTORE_PASSWORD="$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD" -export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}" -export SERVER_DB_TLS_USE_PEM="$KIBANA_ELASTICSEARCH_TLS_USE_PEM" -export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/ca.crt}" -export SERVER_DB_CA_CERT_LOCATION="$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION" -export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}" -export KIBANA_CREATE_USER="${KIBANA_CREATE_USER:-false}" -export KIBANA_ELASTICSEARCH_PASSWORD="${KIBANA_ELASTICSEARCH_PASSWORD:-}" -export KIBANA_SERVER_PUBLICBASEURL="${KIBANA_SERVER_PUBLICBASEURL:-}" -export KIBANA_XPACK_SECURITY_ENCRYPTIONKEY="${KIBANA_XPACK_SECURITY_ENCRYPTIONKEY:-}" -export KIBANA_XPACK_REPORTING_ENCRYPTIONKEY="${KIBANA_XPACK_REPORTING_ENCRYPTIONKEY:-}" -export KIBANA_NEWSFEED_ENABLED="${KIBANA_NEWSFEED_ENABLED:-true}" -export KIBANA_ELASTICSEARCH_REQUESTTIMEOUT="${KIBANA_ELASTICSEARCH_REQUESTTIMEOUT:-30000}" - -# Custom environment variables may be defined below diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh deleted file mode 100755 index 72c0a8c9c54a..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/kibana/run.sh" ]]; then - info "** Starting Kibana setup **" - /opt/bitnami/scripts/kibana/setup.sh - info "** Kibana setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh deleted file mode 100755 index 437203e56cff..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libfs.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_PLUGINS_DIR" "$SERVER_VOLUME_DIR" "$SERVER_DATA_DIR" "$SERVER_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R ug+rwX "$dir" -done - -kibana_conf_set "path.data" "$SERVER_DATA_DIR" -# For backwards compatibility, create a symlink to the default path -! is_dir_empty "${SERVER_BASE_DIR}/data" || rm -rf "${SERVER_BASE_DIR}/data" && ln -s "$SERVER_DATA_DIR" "${SERVER_BASE_DIR}/data" diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh deleted file mode 100755 index a6007d0b2b45..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -info "** Starting Kibana **" -start_command=("${SERVER_BIN_DIR}/kibana" "serve") -if am_i_root; then - exec_as_user "$SERVER_DAEMON_USER" "${start_command[@]}" -else - exec "${start_command[@]}" -fi diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh deleted file mode 100755 index ea8570b52bba..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libos.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -# Ensure kibana environment variables are valid -kibana_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$SERVER_DAEMON_USER" --group "$SERVER_DAEMON_GROUP" - -# Ensure kibana is initialized -kibana_initialize - -# Create kibana_system user, if necessary -is_boolean_yes "$KIBANA_CREATE_USER" && kibana_create_system_user - -# Ensure custom initialization scripts are executed -kibana_custom_init_scripts diff --git a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh b/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh deleted file mode 100644 index 09485fa4f739..000000000000 --- a/bitnami/kibana/7/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh +++ /dev/null @@ -1,540 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kibana library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_set_key_value() { - local key="${1:?missing key}" - local value="${2:?missing value}" - - debug "Storing key: ${key}" - kibana-keystore add --stdin --force "$key" <<<"$value" -} - -######################## -# Waits for Elasticsearch to be available and creates the user 'kibana_user', if it doesn't exists -# Globals: -# KIBANA_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_create_system_user() { - local -r retries="60" - local -r sleep_time="5" - local url - url=$(kibana_sanitize_elasticsearch_hosts "${KIBANA_ELASTICSEARCH_URL}" "${KIBANA_ELASTICSEARCH_PORT_NUMBER}") - check_elasticsearch() { - local status_code="000" - status_code=$(curl -L -s -k -o /dev/null "${url}" -w "%{http_code}") - debug "Attempted to connect with Elasticserach. Status code: $status_code" - # Any status code different to 000 will be considered valid - [[ "$status_code" != "000" ]] - } - - info "Waiting for Elasticsearch to be ready." - # Wait for elasticsearch to be available - if ! retry_while "check_elasticsearch" "$retries" "$sleep_time"; then - error "Timeout waiting for the Elasticsearch to respond" - return 1 - fi - - # Check kibana_system user doesn't exists - status_code=$(curl -L -s -k -o /dev/null -u "kibana_system:${KIBANA_PASSWORD}" "${url}" -w "%{http_code}") - if [[ "$status_code" == "401" ]]; then - info "Setting password for user 'kibana_system'" - curl -L -s -k -o /dev/null -X POST -u "elastic:${KIBANA_ELASTICSEARCH_PASSWORD}" -H "Content-Type: application/json" "${url}/_security/user/kibana_system/_password" -d "{\"password\":\"${KIBANA_PASSWORD}\"}" - status_code=$(curl -L -s -k -o /dev/null -u "kibana_system:${KIBANA_PASSWORD}" "${url}" -w "%{http_code}") - if [[ "$status_code" == "200" ]]; then - info "Password for kibana_system successfully configured" - else - error "An error occurred while configuring kibana_system user" - return 1 - fi - else - info "Skipping 'kibana_system' user creation. User already exists. Status code: ${status_code}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kibana/Opensearch Dashboards common library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Validate settings in SERVER_* env vars -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -kibana_validate() { - debug "Validating settings in SERVER_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - # Warn users in case the configuration file is not writable - is_file_writable "$SERVER_CONF_FILE" || warn "The ${SERVER_FLAVOR^} configuration file '${SERVER_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file." - - if [[ "$SERVER_FLAVOR" = "kibana" ]]; then - if is_boolean_yes "$KIBANA_CREATE_USER"; then - if is_empty_value "$KIBANA_PASSWORD"; then - print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user." - fi - if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then - print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD." - fi - fi - fi - - # User inputs - check_empty_value "SERVER_DB_URL" - check_empty_value "SERVER_HOST" - for var in "SERVER_DB_PORT_NUMBER" "SERVER_PORT_NUMBER"; do - if ! err=$(validate_port "${!var}"); then - print_validation_error "An invalid port was specified in the environment variable $var: $err" - fi - done - - if is_boolean_yes "$SERVER_ENABLE_TLS"; then - if is_boolean_yes "$SERVER_TLS_USE_PEM"; then - if [[ ! -f "$SERVER_CERT_LOCATION" ]] || [[ ! -f "$SERVER_KEY_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PEM certs you must provide your a valid key and certificate." - fi - elif [[ ! -f "$SERVER_KEYSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PKCS12 certs you must mount a valid keystore." - fi - fi - - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - check_multi_value "SERVER_DB_TLS_VERIFICATION_MODE" "full certificate none" - if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then - if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then - if [[ ! -f "$SERVER_DB_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required." - fi - elif [[ ! -f "$SERVER_DB_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required." - fi - fi - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure/initialize Kibana/Dashboards -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_initialize() { - info "Configuring/Initializing ${SERVER_FLAVOR^}..." - - debug "Ensuring expected directories/files exist..." - for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_DATA_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$SERVER_DAEMON_USER:$SERVER_DAEMON_GROUP" "$dir" - done - - if is_file_writable "$SERVER_CONF_FILE"; then - local dbFlavor="elasticsearch" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && dbFlavor="opensearch" - if is_mounted_dir_empty "$SERVER_MOUNTED_CONF_DIR"; then - info "Setting default configuration" - kibana_conf_set "pid.file" "$SERVER_PID_FILE" - kibana_conf_set "server.host" "$SERVER_HOST" - kibana_conf_set "server.port" "$SERVER_PORT_NUMBER" "int" - kibana_conf_set "${dbFlavor}.hosts" "$(kibana_sanitize_elasticsearch_hosts "${SERVER_DB_URL}" "${SERVER_DB_PORT_NUMBER}")" - - else - info "Found mounted configuration directory" - if ! cp -Lr "$SERVER_MOUNTED_CONF_DIR"/* "$SERVER_CONF_DIR"; then - error "Issue copying mounted configuration files from $SERVER_MOUNTED_CONF_DIR to $SERVER_CONF_DIR. Make sure you are not mounting configuration files in $SERVER_CONF_DIR and $SERVER_MOUNTED_CONF_DIR at the same time" - exit 1 - fi - fi - # Kibana override configuration - if [[ "$SERVER_FLAVOR" = "kibana" ]]; then - if is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then - kibana_conf_set "csp.strict" "false" "bool" - fi - if ! is_empty_value "$KIBANA_SERVER_PUBLICBASEURL"; then - kibana_conf_set "server.publicBaseUrl" "$KIBANA_SERVER_PUBLICBASEURL" - fi - if ! is_empty_value "$KIBANA_XPACK_SECURITY_ENCRYPTIONKEY"; then - kibana_conf_set "xpack.security.encryptionKey" "$KIBANA_XPACK_SECURITY_ENCRYPTIONKEY" - fi - if ! is_empty_value "$KIBANA_XPACK_REPORTING_ENCRYPTIONKEY"; then - kibana_conf_set "xpack.reporting.encryptionKey" "$KIBANA_XPACK_REPORTING_ENCRYPTIONKEY" - fi - if ! is_boolean_yes "$KIBANA_NEWSFEED_ENABLED"; then - kibana_conf_set "newsfeed.enabled" "false" "bool" - fi - if [[ "$KIBANA_ELASTICSEARCH_REQUESTTIMEOUT" != "30000" ]]; then - kibana_conf_set "elasticsearch.requestTimeout" "$KIBANA_ELASTICSEARCH_REQUESTTIMEOUT" - fi - fi - - # Configure Elasticsearch/Opensearch authentication - if ! is_empty_value "$SERVER_PASSWORD"; then - local user="kibana_system" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && user="kibanaserver" - kibana_conf_set "${dbFlavor}.username" "$user" - kibana_conf_set "${dbFlavor}.password" "$SERVER_PASSWORD" - elif [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - info "Security settings not provided, removing plugin" - opensearch-dashboards-plugin remove securityDashboards - replace_in_file "$SERVER_CONF_FILE" "^opensearch_security\." "#opensearch_security." - fi - - # Configure Webserver TLS settings (Client -> Kibana/Dashboards) - if is_boolean_yes "$SERVER_ENABLE_TLS"; then - kibana_conf_set "server.ssl.enabled" "true" "bool" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && kibana_conf_set "opensearch_security.cookie.secure" "true" "bool" - if is_boolean_yes "$SERVER_TLS_USE_PEM"; then - kibana_conf_set "server.ssl.certificate" "$SERVER_CERT_LOCATION" - kibana_conf_set "server.ssl.key" "$SERVER_KEY_LOCATION" - if ! is_empty_value "$SERVER_KEY_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD" - else - kibana_set_key_value "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD" - fi - fi - else - kibana_conf_set "server.ssl.keystore.path" "$SERVER_KEYSTORE_LOCATION" - if ! is_empty_value "$SERVER_KEYSTORE_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD" - else - kibana_set_key_value "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD" - fi - fi - fi - fi - - # Configure Database TLS settings (Kibana/Dashboards -> Elasticsearch/Opensearch) - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - kibana_conf_set "${dbFlavor}.ssl.verificationMode" "$SERVER_DB_TLS_VERIFICATION_MODE" - if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then - if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then - kibana_conf_set "${dbFlavor}.ssl.certificateAuthorities" "$SERVER_DB_CA_CERT_LOCATION" - else - kibana_conf_set "${dbFlavor}.ssl.truststore.path" "$SERVER_DB_TRUSTSTORE_LOCATION" - if ! is_empty_value "$SERVER_DB_TRUSTSTORE_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD" - else - kibana_set_key_value "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD" - fi - fi - fi - fi - fi - fi -} - -######################## -# Write a configuration setting value -# Globals: -# SERVER_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -kibana_conf_set() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$SERVER_CONF_FILE" >"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$SERVER_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$SERVER_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$SERVER_CONF_FILE" -} - -######################## -# Read a configuration setting value -# Globals: -# SERVER_CONF_FILE -# Arguments: -# $1 - key -# Returns: -# Outputs the key to stdout (Empty response if key is not set) -######################### -kibana_conf_get() { - local key="${1:?missing key}" - - if [[ -r "$SERVER_CONF_FILE" ]]; then - local -r res="$(yq eval ".${key}" "$SERVER_CONF_FILE")" - if [[ ! "$res" = "null" ]]; then - echo "$res" - fi - fi -} - -######################## -# Configure/initialize Kibana/Dashboards -# For backwards compatibility, it is allowed to specify the host and port in -# different env-vars and this function will build the correct url. -# Globals: -# SERVER_* -# Arguments: -# $1 - hostUrl -# $2 - port -# Returns: -# None -######################### -kibana_sanitize_elasticsearch_hosts() { - local -r hostUrl="${1:?missing hostUrl}" - local -r port="${2:?missing port}" - local scheme - - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - scheme="https" - else - scheme="http" - fi - - if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200 - echo "${hostUrl}" - elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost - echo "${hostUrl}:${port}" - elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200 - echo "${scheme}://${hostUrl}" - else # i.e. localhost - echo "${scheme}://${hostUrl}:${port}" - fi -} - -######################## -# Check if Kibana/Dashboards is running -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_running() { - local pid - pid="$(get_pid_from_file "${SERVER_PID_FILE}")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Check if Kibana/Dashboards is not running -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_not_running() { - ! is_kibana_running -} - -######################## -# Check if Kibana/Dashboards is ready -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_ready() { - local basePath - local rewriteBasePath - local scheme="http" - local opts=() - rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath") - # The default value for is 'server.rewriteBasePath' is 'true' when ommited.' - # Therefore, we must check the value is not 'true' - ! is_boolean_yes "$rewriteBasePath" && basePath=$(kibana_conf_get "server.basePath") - - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && ! is_empty_value "$SERVER_PASSWORD" && opts+=("-u" "kibanaserver:${SERVER_PASSWORD}") - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - scheme="https" - opts+=("-k") - fi - if is_kibana_running; then - # Kibana 7 and Opensearch expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available' - local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "${opts[@]}" "${scheme}://127.0.0.1:${SERVER_PORT_NUMBER}${basePath}/api/status")")" - [[ "$status" = "green" || "$status" = "available" ]] && return - else - false - fi -} - -######################## -# Wait until Kibana/Dashboards is ready -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -wait_for_kibana_ready() { - info "Waiting for ${SERVER_FLAVOR^} to be started and ready" - retries="$SERVER_WAIT_READY_MAX_RETRIES" - until is_kibana_ready || [[ "$retries" -eq 0 ]]; do - debug "Waiting for ${SERVER_FLAVOR^} server: $((retries--)) remaining attempts..." - sleep 2 - done - if [[ "$retries" -eq 0 ]]; then - error "${SERVER_FLAVOR^} is not available after ${SERVER_WAIT_READY_MAX_RETRIES} retries" - if [[ -r "${SERVER_LOGS_DIR}/init_scripts_start.log" ]]; then - info "Dumping ${SERVER_LOGS_DIR}/init_scripts_start.log for additional diagnostics..." - cat "${SERVER_LOGS_DIR}/init_scripts_start.log" - fi - exit 1 - fi -} - -######################## -# Start Kibana/Dashboards in background mode -# Globals: -# SERVER_* -# Arguments: -# Extra arguments to pass to the command (optional array) -# Returns: -# None -######################### -kibana_start_bg() { - local extra_args=("${@}") - - info "Starting ${SERVER_FLAVOR^} in background" - local start_command=("${SERVER_BIN_DIR}/${SERVER_FLAVOR}" "serve" "${extra_args[@]}") - am_i_root && start_command=("run_as_user" "$SERVER_DAEMON_USER" "${start_command[@]}") - debug_execute "${start_command[@]}" & -} - -######################## -# Run custom initialization scripts -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_custom_init_scripts() { - read -r -a init_scripts <<<"$(find "$SERVER_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$SERVER_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then - if is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then - info "Forcing execution of user files" - fi - - if is_boolean_yes "${SERVER_INITSCRIPTS_START_SERVER}"; then - # Binding to localhost to not give false positives for external connections - kibana_start_bg "--host" "127.0.0.1" "--log-file" "${SERVER_LOGS_DIR}/init_scripts_start.log" - wait_for_kibana_ready - fi - - info "Loading user's custom files from $SERVER_INITSCRIPTS_DIR" - for f in "${init_scripts[@]}"; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$SERVER_VOLUME_DIR"/.user_scripts_initialized - - is_kibana_running && stop_service_using_pid "$SERVER_PID_FILE" - retry_while "is_kibana_not_running" - fi -} diff --git a/bitnami/kibana/7/debian-11/tags-info.yaml b/bitnami/kibana/7/debian-11/tags-info.yaml deleted file mode 100644 index 8f5f9baf2f60..000000000000 --- a/bitnami/kibana/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.17.18 diff --git a/bitnami/kibana/8/debian-11/Dockerfile b/bitnami/kibana/8/debian-11/Dockerfile deleted file mode 100644 index ca2f4005ff52..000000000000 --- a/bitnami/kibana/8/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:15:21Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.12.1-debian-11-r19" \ - org.opencontainers.image.title="kibana" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.12.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/kibana/bin:$PATH" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libexpat1 libgcc-s1 libnss3 libstdc++6 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "kibana-8.12.1-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/kibana/postunpack.sh -ENV APP_VERSION="8.12.1" \ - BITNAMI_APP_NAME="kibana" - -EXPOSE 5601 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kibana/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kibana/run.sh" ] diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index eec55da10918..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "kibana": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.12.1-1" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kibana/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh deleted file mode 100644 index b77ffd7e476a..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana-env.sh +++ /dev/null @@ -1,178 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kibana - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kibana}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kibana_env_vars=( - KIBANA_ELASTICSEARCH_URL - KIBANA_ELASTICSEARCH_PORT_NUMBER - KIBANA_HOST - KIBANA_PORT_NUMBER - KIBANA_WAIT_READY_MAX_RETRIES - KIBANA_INITSCRIPTS_START_SERVER - KIBANA_FORCE_INITSCRIPTS - KIBANA_DISABLE_STRICT_CSP - KIBANA_CERTS_DIR - KIBANA_SERVER_ENABLE_TLS - KIBANA_SERVER_KEYSTORE_LOCATION - KIBANA_SERVER_KEYSTORE_PASSWORD - KIBANA_SERVER_TLS_USE_PEM - KIBANA_SERVER_CERT_LOCATION - KIBANA_SERVER_KEY_LOCATION - KIBANA_SERVER_KEY_PASSWORD - KIBANA_PASSWORD - KIBANA_ELASTICSEARCH_ENABLE_TLS - KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE - KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION - KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD - KIBANA_ELASTICSEARCH_TLS_USE_PEM - KIBANA_ELASTICSEARCH_CA_CERT_LOCATION - KIBANA_DISABLE_STRICT_CSP - KIBANA_CREATE_USER - KIBANA_ELASTICSEARCH_PASSWORD - KIBANA_SERVER_PUBLICBASEURL - KIBANA_XPACK_SECURITY_ENCRYPTIONKEY - KIBANA_XPACK_REPORTING_ENCRYPTIONKEY - KIBANA_NEWSFEED_ENABLED - KIBANA_ELASTICSEARCH_REQUESTTIMEOUT - ELASTICSEARCH_URL - KIBANA_ELASTICSEARCH_PORT_NUMBER - KIBANA_ELASTICSEARCH_PORT - KIBANA_PORT_NUMBER - KIBANA_INITSCRIPTS_MAX_RETRIES -) -for env_var in "${kibana_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kibana_env_vars -export SERVER_FLAVOR="kibana" - -# Paths -export BITNAMI_VOLUME_DIR="/bitnami" -export KIBANA_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/kibana" -export SERVER_VOLUME_DIR="$KIBANA_VOLUME_DIR" -export KIBANA_BASE_DIR="${BITNAMI_ROOT_DIR}/kibana" -export SERVER_BASE_DIR="$KIBANA_BASE_DIR" -export KIBANA_CONF_DIR="${SERVER_BASE_DIR}/config" -export SERVER_CONF_DIR="$KIBANA_CONF_DIR" -export KIBANA_LOGS_DIR="${SERVER_BASE_DIR}/logs" -export SERVER_LOGS_DIR="$KIBANA_LOGS_DIR" -export KIBANA_TMP_DIR="${SERVER_BASE_DIR}/tmp" -export SERVER_TMP_DIR="$KIBANA_TMP_DIR" -export KIBANA_BIN_DIR="${SERVER_BASE_DIR}/bin" -export SERVER_BIN_DIR="$KIBANA_BIN_DIR" -export KIBANA_PLUGINS_DIR="${SERVER_BASE_DIR}/plugins" -export SERVER_PLUGINS_DIR="$KIBANA_PLUGINS_DIR" -export KIBANA_DATA_DIR="${SERVER_VOLUME_DIR}/data" -export SERVER_DATA_DIR="$KIBANA_DATA_DIR" -export KIBANA_MOUNTED_CONF_DIR="${SERVER_VOLUME_DIR}/conf" -export SERVER_MOUNTED_CONF_DIR="$KIBANA_MOUNTED_CONF_DIR" -export KIBANA_CONF_FILE="${SERVER_CONF_DIR}/kibana.yml" -export SERVER_CONF_FILE="$KIBANA_CONF_FILE" -export KIBANA_LOG_FILE="${SERVER_LOGS_DIR}/kibana.log" -export SERVER_LOG_FILE="$KIBANA_LOG_FILE" -export KIBANA_PID_FILE="${SERVER_TMP_DIR}/kibana.pid" -export SERVER_PID_FILE="$KIBANA_PID_FILE" -export KIBANA_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export SERVER_INITSCRIPTS_DIR="$KIBANA_INITSCRIPTS_DIR" - -# System users (when running with a privileged user) -export KIBANA_DAEMON_USER="kibana" -export SERVER_DAEMON_USER="$KIBANA_DAEMON_USER" -export KIBANA_DAEMON_GROUP="kibana" -export SERVER_DAEMON_GROUP="$KIBANA_DAEMON_GROUP" - -# Kibana configuration -KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-"${ELASTICSEARCH_URL:-}"}" -export KIBANA_ELASTICSEARCH_URL="${KIBANA_ELASTICSEARCH_URL:-elasticsearch}" -export SERVER_DB_URL="$KIBANA_ELASTICSEARCH_URL" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT_NUMBER:-}"}" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_ELASTICSEARCH_PORT:-}"}" -KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-"${KIBANA_PORT_NUMBER:-}"}" -export KIBANA_ELASTICSEARCH_PORT_NUMBER="${KIBANA_ELASTICSEARCH_PORT_NUMBER:-9200}" -export SERVER_DB_PORT_NUMBER="$KIBANA_ELASTICSEARCH_PORT_NUMBER" -export KIBANA_HOST="${KIBANA_HOST:-0.0.0.0}" -export SERVER_HOST="$KIBANA_HOST" -export KIBANA_PORT_NUMBER="${KIBANA_PORT_NUMBER:-5601}" -export SERVER_PORT_NUMBER="$KIBANA_PORT_NUMBER" -KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-"${KIBANA_INITSCRIPTS_MAX_RETRIES:-}"}" -export KIBANA_WAIT_READY_MAX_RETRIES="${KIBANA_WAIT_READY_MAX_RETRIES:-30}" -export SERVER_WAIT_READY_MAX_RETRIES="$KIBANA_WAIT_READY_MAX_RETRIES" -export KIBANA_INITSCRIPTS_START_SERVER="${KIBANA_INITSCRIPTS_START_SERVER:-yes}" -export SERVER_INITSCRIPTS_START_SERVER="$KIBANA_INITSCRIPTS_START_SERVER" -export KIBANA_FORCE_INITSCRIPTS="${KIBANA_FORCE_INITSCRIPTS:-no}" -export SERVER_FORCE_INITSCRIPTS="$KIBANA_FORCE_INITSCRIPTS" -export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}" -export SERVER_DISABLE_STRICT_CSP="$KIBANA_DISABLE_STRICT_CSP" - -# Kibana server SSL/TLS configuration -export KIBANA_CERTS_DIR="${KIBANA_CERTS_DIR:-${SERVER_CONF_DIR}/certs}" -export SERVER_CERTS_DIR="$KIBANA_CERTS_DIR" -export KIBANA_SERVER_ENABLE_TLS="${KIBANA_SERVER_ENABLE_TLS:-false}" -export SERVER_ENABLE_TLS="$KIBANA_SERVER_ENABLE_TLS" -export KIBANA_SERVER_KEYSTORE_LOCATION="${KIBANA_SERVER_KEYSTORE_LOCATION:-${SERVER_CERTS_DIR}/server/kibana.keystore.p12}" -export SERVER_KEYSTORE_LOCATION="$KIBANA_SERVER_KEYSTORE_LOCATION" -export KIBANA_SERVER_KEYSTORE_PASSWORD="${KIBANA_SERVER_KEYSTORE_PASSWORD:-}" -export SERVER_KEYSTORE_PASSWORD="$KIBANA_SERVER_KEYSTORE_PASSWORD" -export KIBANA_SERVER_TLS_USE_PEM="${KIBANA_SERVER_TLS_USE_PEM:-false}" -export SERVER_TLS_USE_PEM="$KIBANA_SERVER_TLS_USE_PEM" -export KIBANA_SERVER_CERT_LOCATION="${KIBANA_SERVER_CERT_LOCATION:-${SERVER_CERTS_DIR}/server/tls.crt}" -export SERVER_CERT_LOCATION="$KIBANA_SERVER_CERT_LOCATION" -export KIBANA_SERVER_KEY_LOCATION="${KIBANA_SERVER_KEY_LOCATION:-${SERVER_CERTS_DIR}/server/tls.key}" -export SERVER_KEY_LOCATION="$KIBANA_SERVER_KEY_LOCATION" -export KIBANA_SERVER_KEY_PASSWORD="${KIBANA_SERVER_KEY_PASSWORD:-}" -export SERVER_KEY_PASSWORD="$KIBANA_SERVER_KEY_PASSWORD" - -# Elasticsearch Security configuration -export KIBANA_PASSWORD="${KIBANA_PASSWORD:-}" -export SERVER_PASSWORD="$KIBANA_PASSWORD" -export KIBANA_ELASTICSEARCH_ENABLE_TLS="${KIBANA_ELASTICSEARCH_ENABLE_TLS:-false}" -export SERVER_DB_ENABLE_TLS="$KIBANA_ELASTICSEARCH_ENABLE_TLS" -export KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE="${KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE:-full}" -export SERVER_DB_TLS_VERIFICATION_MODE="$KIBANA_ELASTICSEARCH_TLS_VERIFICATION_MODE" -export KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION="${KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/elasticsearch.truststore.p12}" -export SERVER_DB_TRUSTSTORE_LOCATION="$KIBANA_ELASTICSEARCH_TRUSTSTORE_LOCATION" -export KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD="${KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD:-}" -export SERVER_DB_TRUSTSTORE_PASSWORD="$KIBANA_ELASTICSEARCH_TRUSTSTORE_PASSWORD" -export KIBANA_ELASTICSEARCH_TLS_USE_PEM="${KIBANA_ELASTICSEARCH_TLS_USE_PEM:-false}" -export SERVER_DB_TLS_USE_PEM="$KIBANA_ELASTICSEARCH_TLS_USE_PEM" -export KIBANA_ELASTICSEARCH_CA_CERT_LOCATION="${KIBANA_ELASTICSEARCH_CA_CERT_LOCATION:-${SERVER_CERTS_DIR}/elasticsearch/ca.crt}" -export SERVER_DB_CA_CERT_LOCATION="$KIBANA_ELASTICSEARCH_CA_CERT_LOCATION" -export KIBANA_DISABLE_STRICT_CSP="${KIBANA_DISABLE_STRICT_CSP:-no}" -export KIBANA_CREATE_USER="${KIBANA_CREATE_USER:-false}" -export KIBANA_ELASTICSEARCH_PASSWORD="${KIBANA_ELASTICSEARCH_PASSWORD:-}" -export KIBANA_SERVER_PUBLICBASEURL="${KIBANA_SERVER_PUBLICBASEURL:-}" -export KIBANA_XPACK_SECURITY_ENCRYPTIONKEY="${KIBANA_XPACK_SECURITY_ENCRYPTIONKEY:-}" -export KIBANA_XPACK_REPORTING_ENCRYPTIONKEY="${KIBANA_XPACK_REPORTING_ENCRYPTIONKEY:-}" -export KIBANA_NEWSFEED_ENABLED="${KIBANA_NEWSFEED_ENABLED:-true}" -export KIBANA_ELASTICSEARCH_REQUESTTIMEOUT="${KIBANA_ELASTICSEARCH_REQUESTTIMEOUT:-30000}" - -# Custom environment variables may be defined below diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh deleted file mode 100755 index 72c0a8c9c54a..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/kibana/run.sh" ]]; then - info "** Starting Kibana setup **" - /opt/bitnami/scripts/kibana/setup.sh - info "** Kibana setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh deleted file mode 100755 index 437203e56cff..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libfs.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_PLUGINS_DIR" "$SERVER_VOLUME_DIR" "$SERVER_DATA_DIR" "$SERVER_INITSCRIPTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R ug+rwX "$dir" -done - -kibana_conf_set "path.data" "$SERVER_DATA_DIR" -# For backwards compatibility, create a symlink to the default path -! is_dir_empty "${SERVER_BASE_DIR}/data" || rm -rf "${SERVER_BASE_DIR}/data" && ln -s "$SERVER_DATA_DIR" "${SERVER_BASE_DIR}/data" diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh deleted file mode 100755 index a6007d0b2b45..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -info "** Starting Kibana **" -start_command=("${SERVER_BIN_DIR}/kibana" "serve") -if am_i_root; then - exec_as_user "$SERVER_DAEMON_USER" "${start_command[@]}" -else - exec "${start_command[@]}" -fi diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh deleted file mode 100755 index ea8570b52bba..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/kibana/setup.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libkibana.sh -. /opt/bitnami/scripts/libos.sh - -# Load environment -. /opt/bitnami/scripts/kibana-env.sh - -# Ensure kibana environment variables are valid -kibana_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$SERVER_DAEMON_USER" --group "$SERVER_DAEMON_GROUP" - -# Ensure kibana is initialized -kibana_initialize - -# Create kibana_system user, if necessary -is_boolean_yes "$KIBANA_CREATE_USER" && kibana_create_system_user - -# Ensure custom initialization scripts are executed -kibana_custom_init_scripts diff --git a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh b/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh deleted file mode 100644 index 09485fa4f739..000000000000 --- a/bitnami/kibana/8/debian-11/rootfs/opt/bitnami/scripts/libkibana.sh +++ /dev/null @@ -1,540 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kibana library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Set Elasticsearch keystore values -# Globals: -# ELASTICSEARCH_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_set_key_value() { - local key="${1:?missing key}" - local value="${2:?missing value}" - - debug "Storing key: ${key}" - kibana-keystore add --stdin --force "$key" <<<"$value" -} - -######################## -# Waits for Elasticsearch to be available and creates the user 'kibana_user', if it doesn't exists -# Globals: -# KIBANA_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_create_system_user() { - local -r retries="60" - local -r sleep_time="5" - local url - url=$(kibana_sanitize_elasticsearch_hosts "${KIBANA_ELASTICSEARCH_URL}" "${KIBANA_ELASTICSEARCH_PORT_NUMBER}") - check_elasticsearch() { - local status_code="000" - status_code=$(curl -L -s -k -o /dev/null "${url}" -w "%{http_code}") - debug "Attempted to connect with Elasticserach. Status code: $status_code" - # Any status code different to 000 will be considered valid - [[ "$status_code" != "000" ]] - } - - info "Waiting for Elasticsearch to be ready." - # Wait for elasticsearch to be available - if ! retry_while "check_elasticsearch" "$retries" "$sleep_time"; then - error "Timeout waiting for the Elasticsearch to respond" - return 1 - fi - - # Check kibana_system user doesn't exists - status_code=$(curl -L -s -k -o /dev/null -u "kibana_system:${KIBANA_PASSWORD}" "${url}" -w "%{http_code}") - if [[ "$status_code" == "401" ]]; then - info "Setting password for user 'kibana_system'" - curl -L -s -k -o /dev/null -X POST -u "elastic:${KIBANA_ELASTICSEARCH_PASSWORD}" -H "Content-Type: application/json" "${url}/_security/user/kibana_system/_password" -d "{\"password\":\"${KIBANA_PASSWORD}\"}" - status_code=$(curl -L -s -k -o /dev/null -u "kibana_system:${KIBANA_PASSWORD}" "${url}" -w "%{http_code}") - if [[ "$status_code" == "200" ]]; then - info "Password for kibana_system successfully configured" - else - error "An error occurred while configuring kibana_system user" - return 1 - fi - else - info "Skipping 'kibana_system' user creation. User already exists. Status code: ${status_code}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kibana/Opensearch Dashboards common library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Validate settings in SERVER_* env vars -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -kibana_validate() { - debug "Validating settings in SERVER_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - # Warn users in case the configuration file is not writable - is_file_writable "$SERVER_CONF_FILE" || warn "The ${SERVER_FLAVOR^} configuration file '${SERVER_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied for this file." - - if [[ "$SERVER_FLAVOR" = "kibana" ]]; then - if is_boolean_yes "$KIBANA_CREATE_USER"; then - if is_empty_value "$KIBANA_PASSWORD"; then - print_validation_error "The variable KIBANA_CREATE_USER is set but no KIBANA_PASSWORD provided for the kibana_system user." - fi - if is_empty_value "$KIBANA_ELASTICSEARCH_PASSWORD"; then - print_validation_error "Password for the 'elastic' user is required in order to create the kibana_system user. Please provide it using the variable KIBANA_ELASTICSEARCH_PASSWORD." - fi - fi - fi - - # User inputs - check_empty_value "SERVER_DB_URL" - check_empty_value "SERVER_HOST" - for var in "SERVER_DB_PORT_NUMBER" "SERVER_PORT_NUMBER"; do - if ! err=$(validate_port "${!var}"); then - print_validation_error "An invalid port was specified in the environment variable $var: $err" - fi - done - - if is_boolean_yes "$SERVER_ENABLE_TLS"; then - if is_boolean_yes "$SERVER_TLS_USE_PEM"; then - if [[ ! -f "$SERVER_CERT_LOCATION" ]] || [[ ! -f "$SERVER_KEY_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PEM certs you must provide your a valid key and certificate." - fi - elif [[ ! -f "$SERVER_KEYSTORE_LOCATION" ]]; then - print_validation_error "In order to configure the TLS encryption for ${SERVER_FLAVOR^} server using PKCS12 certs you must mount a valid keystore." - fi - fi - - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - check_multi_value "SERVER_DB_TLS_VERIFICATION_MODE" "full certificate none" - if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then - if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then - if [[ ! -f "$SERVER_DB_CA_CERT_LOCATION" ]]; then - print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid CA certificate is required." - fi - elif [[ ! -f "$SERVER_DB_TRUSTSTORE_LOCATION" ]]; then - print_validation_error "In order to connect to Elasticsearch via HTTPS, a valid PKCS12 truststore is required." - fi - fi - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure/initialize Kibana/Dashboards -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_initialize() { - info "Configuring/Initializing ${SERVER_FLAVOR^}..." - - debug "Ensuring expected directories/files exist..." - for dir in "$SERVER_TMP_DIR" "$SERVER_LOGS_DIR" "$SERVER_CONF_DIR" "$SERVER_DATA_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "$SERVER_DAEMON_USER:$SERVER_DAEMON_GROUP" "$dir" - done - - if is_file_writable "$SERVER_CONF_FILE"; then - local dbFlavor="elasticsearch" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && dbFlavor="opensearch" - if is_mounted_dir_empty "$SERVER_MOUNTED_CONF_DIR"; then - info "Setting default configuration" - kibana_conf_set "pid.file" "$SERVER_PID_FILE" - kibana_conf_set "server.host" "$SERVER_HOST" - kibana_conf_set "server.port" "$SERVER_PORT_NUMBER" "int" - kibana_conf_set "${dbFlavor}.hosts" "$(kibana_sanitize_elasticsearch_hosts "${SERVER_DB_URL}" "${SERVER_DB_PORT_NUMBER}")" - - else - info "Found mounted configuration directory" - if ! cp -Lr "$SERVER_MOUNTED_CONF_DIR"/* "$SERVER_CONF_DIR"; then - error "Issue copying mounted configuration files from $SERVER_MOUNTED_CONF_DIR to $SERVER_CONF_DIR. Make sure you are not mounting configuration files in $SERVER_CONF_DIR and $SERVER_MOUNTED_CONF_DIR at the same time" - exit 1 - fi - fi - # Kibana override configuration - if [[ "$SERVER_FLAVOR" = "kibana" ]]; then - if is_boolean_yes "$KIBANA_DISABLE_STRICT_CSP"; then - kibana_conf_set "csp.strict" "false" "bool" - fi - if ! is_empty_value "$KIBANA_SERVER_PUBLICBASEURL"; then - kibana_conf_set "server.publicBaseUrl" "$KIBANA_SERVER_PUBLICBASEURL" - fi - if ! is_empty_value "$KIBANA_XPACK_SECURITY_ENCRYPTIONKEY"; then - kibana_conf_set "xpack.security.encryptionKey" "$KIBANA_XPACK_SECURITY_ENCRYPTIONKEY" - fi - if ! is_empty_value "$KIBANA_XPACK_REPORTING_ENCRYPTIONKEY"; then - kibana_conf_set "xpack.reporting.encryptionKey" "$KIBANA_XPACK_REPORTING_ENCRYPTIONKEY" - fi - if ! is_boolean_yes "$KIBANA_NEWSFEED_ENABLED"; then - kibana_conf_set "newsfeed.enabled" "false" "bool" - fi - if [[ "$KIBANA_ELASTICSEARCH_REQUESTTIMEOUT" != "30000" ]]; then - kibana_conf_set "elasticsearch.requestTimeout" "$KIBANA_ELASTICSEARCH_REQUESTTIMEOUT" - fi - fi - - # Configure Elasticsearch/Opensearch authentication - if ! is_empty_value "$SERVER_PASSWORD"; then - local user="kibana_system" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && user="kibanaserver" - kibana_conf_set "${dbFlavor}.username" "$user" - kibana_conf_set "${dbFlavor}.password" "$SERVER_PASSWORD" - elif [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - info "Security settings not provided, removing plugin" - opensearch-dashboards-plugin remove securityDashboards - replace_in_file "$SERVER_CONF_FILE" "^opensearch_security\." "#opensearch_security." - fi - - # Configure Webserver TLS settings (Client -> Kibana/Dashboards) - if is_boolean_yes "$SERVER_ENABLE_TLS"; then - kibana_conf_set "server.ssl.enabled" "true" "bool" - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && kibana_conf_set "opensearch_security.cookie.secure" "true" "bool" - if is_boolean_yes "$SERVER_TLS_USE_PEM"; then - kibana_conf_set "server.ssl.certificate" "$SERVER_CERT_LOCATION" - kibana_conf_set "server.ssl.key" "$SERVER_KEY_LOCATION" - if ! is_empty_value "$SERVER_KEY_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD" - else - kibana_set_key_value "server.ssl.keyPassphrase" "$SERVER_KEY_PASSWORD" - fi - fi - else - kibana_conf_set "server.ssl.keystore.path" "$SERVER_KEYSTORE_LOCATION" - if ! is_empty_value "$SERVER_KEYSTORE_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD" - else - kibana_set_key_value "server.ssl.keystore.password" "$SERVER_KEY_PASSWORD" - fi - fi - fi - fi - - # Configure Database TLS settings (Kibana/Dashboards -> Elasticsearch/Opensearch) - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - kibana_conf_set "${dbFlavor}.ssl.verificationMode" "$SERVER_DB_TLS_VERIFICATION_MODE" - if [[ "$SERVER_DB_TLS_VERIFICATION_MODE" != "none" ]];then - if is_boolean_yes "$SERVER_DB_TLS_USE_PEM"; then - kibana_conf_set "${dbFlavor}.ssl.certificateAuthorities" "$SERVER_DB_CA_CERT_LOCATION" - else - kibana_conf_set "${dbFlavor}.ssl.truststore.path" "$SERVER_DB_TRUSTSTORE_LOCATION" - if ! is_empty_value "$SERVER_DB_TRUSTSTORE_PASSWORD"; then - if [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]]; then - kibana_conf_set "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD" - else - kibana_set_key_value "${dbFlavor}.ssl.truststore.password" "$SERVER_DB_TRUSTSTORE_PASSWORD" - fi - fi - fi - fi - fi - fi -} - -######################## -# Write a configuration setting value -# Globals: -# SERVER_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# $3 - YAML type (string, int or bool) -# Returns: -# None -######################### -kibana_conf_set() { - local -r key="${1:?Missing key}" - local -r value="${2:-}" - local -r type="${3:-string}" - local -r tempfile=$(mktemp) - - case "$type" in - string) - yq eval "(.${key}) |= \"${value}\"" "$SERVER_CONF_FILE" >"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$SERVER_CONF_FILE" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$SERVER_CONF_FILE" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$SERVER_CONF_FILE" -} - -######################## -# Read a configuration setting value -# Globals: -# SERVER_CONF_FILE -# Arguments: -# $1 - key -# Returns: -# Outputs the key to stdout (Empty response if key is not set) -######################### -kibana_conf_get() { - local key="${1:?missing key}" - - if [[ -r "$SERVER_CONF_FILE" ]]; then - local -r res="$(yq eval ".${key}" "$SERVER_CONF_FILE")" - if [[ ! "$res" = "null" ]]; then - echo "$res" - fi - fi -} - -######################## -# Configure/initialize Kibana/Dashboards -# For backwards compatibility, it is allowed to specify the host and port in -# different env-vars and this function will build the correct url. -# Globals: -# SERVER_* -# Arguments: -# $1 - hostUrl -# $2 - port -# Returns: -# None -######################### -kibana_sanitize_elasticsearch_hosts() { - local -r hostUrl="${1:?missing hostUrl}" - local -r port="${2:?missing port}" - local scheme - - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - scheme="https" - else - scheme="http" - fi - - if grep -q -E "^https?://[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. http://localhost:9200 - echo "${hostUrl}" - elif grep -q -E "^https?://[^:]+$" <<<"$hostUrl"; then # i.e. http://localhost - echo "${hostUrl}:${port}" - elif grep -q -E "^[^:]+:[0-9]+$" <<<"$hostUrl"; then # i.e. localhost:9200 - echo "${scheme}://${hostUrl}" - else # i.e. localhost - echo "${scheme}://${hostUrl}:${port}" - fi -} - -######################## -# Check if Kibana/Dashboards is running -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_running() { - local pid - pid="$(get_pid_from_file "${SERVER_PID_FILE}")" - - if [[ -z "$pid" ]]; then - false - else - is_service_running "$pid" - fi -} - -######################## -# Check if Kibana/Dashboards is not running -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_not_running() { - ! is_kibana_running -} - -######################## -# Check if Kibana/Dashboards is ready -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -is_kibana_ready() { - local basePath - local rewriteBasePath - local scheme="http" - local opts=() - rewriteBasePath=$(kibana_conf_get "server.rewriteBasePath") - # The default value for is 'server.rewriteBasePath' is 'true' when ommited.' - # Therefore, we must check the value is not 'true' - ! is_boolean_yes "$rewriteBasePath" && basePath=$(kibana_conf_get "server.basePath") - - [[ "$SERVER_FLAVOR" = "opensearch-dashboards" ]] && ! is_empty_value "$SERVER_PASSWORD" && opts+=("-u" "kibanaserver:${SERVER_PASSWORD}") - if is_boolean_yes "$SERVER_DB_ENABLE_TLS"; then - scheme="https" - opts+=("-k") - fi - if is_kibana_running; then - # Kibana 7 and Opensearch expects .status.overall.state to be 'green', while 8 expects .status.overall.level to be 'available' - local -r status="$(yq eval '.status.overall | pick(["state", "level"]) | .[]' - <<<"$(curl -s "${opts[@]}" "${scheme}://127.0.0.1:${SERVER_PORT_NUMBER}${basePath}/api/status")")" - [[ "$status" = "green" || "$status" = "available" ]] && return - else - false - fi -} - -######################## -# Wait until Kibana/Dashboards is ready -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# Boolean -######################### -wait_for_kibana_ready() { - info "Waiting for ${SERVER_FLAVOR^} to be started and ready" - retries="$SERVER_WAIT_READY_MAX_RETRIES" - until is_kibana_ready || [[ "$retries" -eq 0 ]]; do - debug "Waiting for ${SERVER_FLAVOR^} server: $((retries--)) remaining attempts..." - sleep 2 - done - if [[ "$retries" -eq 0 ]]; then - error "${SERVER_FLAVOR^} is not available after ${SERVER_WAIT_READY_MAX_RETRIES} retries" - if [[ -r "${SERVER_LOGS_DIR}/init_scripts_start.log" ]]; then - info "Dumping ${SERVER_LOGS_DIR}/init_scripts_start.log for additional diagnostics..." - cat "${SERVER_LOGS_DIR}/init_scripts_start.log" - fi - exit 1 - fi -} - -######################## -# Start Kibana/Dashboards in background mode -# Globals: -# SERVER_* -# Arguments: -# Extra arguments to pass to the command (optional array) -# Returns: -# None -######################### -kibana_start_bg() { - local extra_args=("${@}") - - info "Starting ${SERVER_FLAVOR^} in background" - local start_command=("${SERVER_BIN_DIR}/${SERVER_FLAVOR}" "serve" "${extra_args[@]}") - am_i_root && start_command=("run_as_user" "$SERVER_DAEMON_USER" "${start_command[@]}") - debug_execute "${start_command[@]}" & -} - -######################## -# Run custom initialization scripts -# Globals: -# SERVER_* -# Arguments: -# None -# Returns: -# None -######################### -kibana_custom_init_scripts() { - read -r -a init_scripts <<<"$(find "$SERVER_INITSCRIPTS_DIR" -type f -name "*.sh" -print0 | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "$SERVER_VOLUME_DIR"/.user_scripts_initialized ]] || is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then - if is_boolean_yes "$SERVER_FORCE_INITSCRIPTS"; then - info "Forcing execution of user files" - fi - - if is_boolean_yes "${SERVER_INITSCRIPTS_START_SERVER}"; then - # Binding to localhost to not give false positives for external connections - kibana_start_bg "--host" "127.0.0.1" "--log-file" "${SERVER_LOGS_DIR}/init_scripts_start.log" - wait_for_kibana_ready - fi - - info "Loading user's custom files from $SERVER_INITSCRIPTS_DIR" - for f in "${init_scripts[@]}"; do - debug "Executing $f" - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - if ! "$f"; then - error "Failed executing $f" - return 1 - fi - else - warn "Sourcing $f as it is not executable by the current user, any error may cause initialization to fail" - . "$f" - fi - ;; - *) - warn "Skipping $f, supported formats are: .sh" - ;; - esac - done - touch "$SERVER_VOLUME_DIR"/.user_scripts_initialized - - is_kibana_running && stop_service_using_pid "$SERVER_PID_FILE" - retry_while "is_kibana_not_running" - fi -} diff --git a/bitnami/kibana/8/debian-11/tags-info.yaml b/bitnami/kibana/8/debian-11/tags-info.yaml deleted file mode 100644 index 9be5f685ddf2..000000000000 --- a/bitnami/kibana/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.12.1 -- latest diff --git a/bitnami/kong-ingress-controller/2/debian-11/Dockerfile b/bitnami/kong-ingress-controller/2/debian-11/Dockerfile deleted file mode 100644 index b8174d16d1eb..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:20:58Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.12.3-debian-11-r24" \ - org.opencontainers.image.title="kong-ingress-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.12.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "kong-ingress-controller-2.12.3-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.12.3" \ - BITNAMI_APP_NAME="kong-ingress-controller" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/kong-ingress-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kong-ingress-controller" ] -CMD [ "--help" ] diff --git a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 55529e1b94c9..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "kong-ingress-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.12.3-5" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kong-ingress-controller/2/debian-11/tags-info.yaml b/bitnami/kong-ingress-controller/2/debian-11/tags-info.yaml deleted file mode 100644 index 496575a86686..000000000000 --- a/bitnami/kong-ingress-controller/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.12.3 diff --git a/bitnami/kong-ingress-controller/3/debian-11/Dockerfile b/bitnami/kong-ingress-controller/3/debian-11/Dockerfile deleted file mode 100644 index 6bb6f36af2f1..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:31:04Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.1.0-debian-11-r18" \ - org.opencontainers.image.title="kong-ingress-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.1.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-9-linux-${OS_ARCH}-debian-11" \ - "kong-ingress-controller-3.1.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="3.1.0" \ - BITNAMI_APP_NAME="kong-ingress-controller" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/kong-ingress-controller/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kong-ingress-controller" ] -CMD [ "--help" ] diff --git a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f43ba3750113..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "kong-ingress-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.1.0-1" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-9" - } -} \ No newline at end of file diff --git a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kong-ingress-controller/3/debian-11/tags-info.yaml b/bitnami/kong-ingress-controller/3/debian-11/tags-info.yaml deleted file mode 100644 index 15db7f979ad1..000000000000 --- a/bitnami/kong-ingress-controller/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.1.0 -- latest diff --git a/bitnami/kong/3/debian-11/Dockerfile b/bitnami/kong/3/debian-11/Dockerfile deleted file mode 100644 index 37756ad53022..000000000000 --- a/bitnami/kong/3/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-01-29T09:30:13Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.5.0-debian-11-r4" \ - org.opencontainers.image.title="kong" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.5.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libprotobuf-dev libssl1.1 perl procps zlib1g zlib1g-dev -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-5-linux-${OS_ARCH}-debian-11" \ - "nginx-1.25.3-2-linux-${OS_ARCH}-debian-11" \ - "kong-3.5.0-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/kong/postunpack.sh -ENV APP_VERSION="3.5.0" \ - BITNAMI_APP_NAME="kong" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/nginx/sbin:/opt/bitnami/kong/bin:/opt/bitnami/kong/luarocks/bin:/opt/bitnami/kong/openresty/bin:/opt/bitnami/kong/openresty/luajit/bin:/opt/bitnami/kong/openresty/nginx/sbin:$PATH" - -EXPOSE 8000 8001 8443 8444 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kong/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/kong/run.sh" ] diff --git a/bitnami/kong/3/debian-11/docker-compose.yml b/bitnami/kong/3/debian-11/docker-compose.yml deleted file mode 100644 index 3b075b4bd279..000000000000 --- a/bitnami/kong/3/debian-11/docker-compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:14 - volumes: - - postgresql_data:/bitnami/postgresql - environment: - - POSTGRESQL_USERNAME=kong - - POSTGRESQL_PASSWORD=bitnami - - POSTGRESQL_DATABASE=kong - kong: - image: docker.io/bitnami/kong:3 - ports: - - 8000:8000 - - 8443:8443 - environment: - - KONG_MIGRATE=yes - - KONG_PG_HOST=postgresql - - KONG_PG_PASSWORD=bitnami -volumes: - postgresql_data: - driver: local diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 20967163b3e3..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "kong": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.5.0-2" - }, - "nginx": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.3-2" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-5" - } -} \ No newline at end of file diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kong/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong-env.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong-env.sh deleted file mode 100644 index 2647eb90686f..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong-env.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kong - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kong}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -kong_env_vars=( - KONG_MIGRATE - KONG_EXIT_AFTER_MIGRATE - KONG_PROXY_LISTEN_ADDRESS - KONG_PROXY_HTTP_PORT_NUMBER - KONG_PROXY_HTTPS_PORT_NUMBER - KONG_ADMIN_LISTEN_ADDRESS - KONG_ADMIN_HTTP_PORT_NUMBER - KONG_ADMIN_HTTPS_PORT_NUMBER - KONG_NGINX_DAEMON - KONG_PROXY_LISTEN - KONG_PROXY_LISTEN_OVERRIDE - KONG_ADMIN_LISTEN - KONG_ADMIN_LISTEN_OVERRIDE - KONG_DATABASE - KONG_PG_PASSWORD -) -for env_var in "${kong_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset kong_env_vars - -# Paths -export KONG_BASE_DIR="${BITNAMI_ROOT_DIR}/kong" -export KONG_CONF_DIR="${KONG_BASE_DIR}/conf" -export KONG_CONF_FILE="${KONG_CONF_DIR}/kong.conf" -export KONG_DEFAULT_CONF_FILE="${KONG_CONF_DIR}/kong.conf.default" -export KONG_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export KONG_SERVER_DIR="${KONG_BASE_DIR}/server" -export KONG_LOGS_DIR="${KONG_SERVER_DIR}/logs" -export PATH="${KONG_BASE_DIR}/bin:${KONG_BASE_DIR}/openresty/bin:${KONG_BASE_DIR}/openresty/nginx/sbin:${KONG_BASE_DIR}/luarocks/bin:${PATH}" - -# System users (when running with a privileged user) -export KONG_DAEMON_USER="kong" -export KONG_DAEMON_GROUP="kong" - -# Kong cluster creation settings -export KONG_MIGRATE="${KONG_MIGRATE:-no}" -export KONG_EXIT_AFTER_MIGRATE="${KONG_EXIT_AFTER_MIGRATE:-no}" - -# Kong interface settings -export KONG_PROXY_LISTEN_ADDRESS="${KONG_PROXY_LISTEN_ADDRESS:-0.0.0.0}" -export KONG_PROXY_HTTP_PORT_NUMBER="${KONG_PROXY_HTTP_PORT_NUMBER:-8000}" -export KONG_PROXY_HTTPS_PORT_NUMBER="${KONG_PROXY_HTTPS_PORT_NUMBER:-8443}" -export KONG_ADMIN_LISTEN_ADDRESS="${KONG_ADMIN_LISTEN_ADDRESS:-0.0.0.0}" -export KONG_ADMIN_HTTP_PORT_NUMBER="${KONG_ADMIN_HTTP_PORT_NUMBER:-8001}" -export KONG_ADMIN_HTTPS_PORT_NUMBER="${KONG_ADMIN_HTTPS_PORT_NUMBER:-8444}" - -# Kong native settings -export KONG_NGINX_DAEMON="${KONG_NGINX_DAEMON:-off}" -export KONG_PROXY_LISTEN="${KONG_PROXY_LISTEN:-${KONG_PROXY_LISTEN_ADDRESS}:${KONG_PROXY_HTTP_PORT_NUMBER}, ${KONG_PROXY_LISTEN_ADDRESS}:${KONG_PROXY_HTTPS_PORT_NUMBER} ssl}" -export KONG_PROXY_LISTEN_OVERRIDE="${KONG_PROXY_LISTEN_OVERRIDE:-no}" -export KONG_ADMIN_LISTEN="${KONG_ADMIN_LISTEN:-${KONG_ADMIN_LISTEN_ADDRESS}:${KONG_ADMIN_HTTP_PORT_NUMBER}, ${KONG_ADMIN_LISTEN_ADDRESS}:${KONG_ADMIN_HTTPS_PORT_NUMBER} ssl}" -export KONG_ADMIN_LISTEN_OVERRIDE="${KONG_ADMIN_LISTEN_OVERRIDE:-no}" -export KONG_DATABASE="${KONG_DATABASE:-postgres}" -export KONG_PG_PASSWORD="${KONG_PG_PASSWORD:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/entrypoint.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/entrypoint.sh deleted file mode 100755 index fcce9604c854..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libkong.sh - -. /opt/bitnami/scripts/kong-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/kong/run.sh"* ]]; then - info "** Starting Kong setup **" - /opt/bitnami/scripts/kong/setup.sh - info "** Kong setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/postunpack.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/postunpack.sh deleted file mode 100755 index 3e8277460a5b..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/postunpack.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkong.sh - -# Load Kong environment variables -. /opt/bitnami/scripts/kong-env.sh - -# Ensure users and groups used by Kong exist -ensure_user_exists "$KONG_DAEMON_USER" --group "$KONG_DAEMON_GROUP" -# Ensure directories used by Kong exist and have proper permissions -ensure_dir_exists "$KONG_SERVER_DIR" -ensure_dir_exists "$KONG_INITSCRIPTS_DIR" -chmod -R g+rwX "$KONG_SERVER_DIR" "$KONG_CONF_DIR" -# Copy configuration file and set default values -cp "$KONG_DEFAULT_CONF_FILE" "$KONG_CONF_FILE" -kong_conf_set prefix "$KONG_SERVER_DIR" -kong_conf_set nginx_daemon off -kong_conf_set nginx_user "$KONG_DAEMON_USER" -kong_configure_non_empty_values -install_opentelemetry diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/run.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/run.sh deleted file mode 100755 index 2b94210e3a68..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/run.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkong.sh - -# Load Kong environment variables -. /opt/bitnami/scripts/kong-env.sh - -# In case we are working with root containers, we need to set the KONG_NGINX_USER environment variable -# before running Kong - -if am_i_root && [[ -z "${KONG_NGINX_USER:-}" ]]; then - export KONG_NGINX_USER="${KONG_DAEMON_USER} ${KONG_DAEMON_GROUP}" -fi - -if is_boolean_yes "$KONG_EXIT_AFTER_MIGRATE"; then - info "** Container configured to just perform the database migration (KONG_EXIT_AFTER_MIGRATE=yes). Exiting now **" - exit 0 -else - info "** Starting Kong **" - if am_i_root; then - exec_as_user "$KONG_DAEMON_USER" kong start - else - exec kong start - fi -fi diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/setup.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/setup.sh deleted file mode 100755 index d2f8a27d8321..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/kong/setup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libkong.sh - -# Load Kong environment variables -. /opt/bitnami/scripts/kong-env.sh - -# Ensure Kong environment variables are valid -kong_validate -# Ensure file ownership is correct -am_i_root && chown -R "$KONG_DAEMON_USER":"$KONG_DAEMON_GROUP" "$KONG_SERVER_DIR" "$KONG_CONF_DIR" -# Ensure Kong is initialized -kong_initialize -# Allow running custom initialization scripts -kong_custom_init_scripts diff --git a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/libkong.sh b/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/libkong.sh deleted file mode 100644 index 40621df30fb2..000000000000 --- a/bitnami/kong/3/debian-11/rootfs/opt/bitnami/scripts/libkong.sh +++ /dev/null @@ -1,379 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Kong library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Validate settings in KONG_* environment variables -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_validate() { - info "Validating settings in KONG_* env vars" - local error_code=0 - - # Auxiliary functions - - print_validation_error() { - error "$1" - error_code="1" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}"; then - print_validation_error "The allowed values for ${1} are [yes, no]" - fi - } - - check_password_file() { - if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then - print_validation_error "The variable ${1} is defined but the file ${!1} is not accessible or does not exist" - fi - } - - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err="$(validate_port "${validate_port_args[@]}" "${!1}")"; then - print_validation_error "An invalid port was specified in the environment variable ${1}: ${err}" - fi - } - - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (("${!i}" == "${!j}")); then - print_validation_error "${!i} and ${!j} are bound to the same port" - fi - done - done - } - - check_yes_no_value KONG_MIGRATE - - # Validate some of the supported environment variables used by Kong - - # Database setting validations - if [[ "${KONG_DATABASE:-postgres}" = "postgres" ]]; then - # PostgreSQL is the default database type - check_password_file KONG_POSTGRESQL_PASSWORD_FILE - [[ -n "${KONG_PG_HOST:-}" ]] && check_resolved_hostname "${KONG_PG_HOST:-}" - elif [[ "${KONG_DATABASE:-}" = "off" ]]; then - warn "KONG_DATABASE is set to 'off', Kong will run but data will not be persisted" - else - print_validation_error "Wrong value '${KONG_DATABASE}' passed to KONG_DATABASE. Valid values: 'off', 'postgres'" - fi - - # Listen addresses and port validations - used_ports=() - if is_boolean_yes "$KONG_PROXY_LISTEN_OVERRIDE"; then - warn "KONG_PROXY_LISTEN was set, it will not be validated and the environment variables KONG_PROXY_LISTEN_ADDRESS, KONG_PROXY_HTTP_PORT_NUMBER and KONG_PROXY_HTTPS_PORT_NUMBER will be ignored" - else - used_ports+=(KONG_PROXY_HTTP_PORT_NUMBER KONG_PROXY_HTTPS_PORT_NUMBER) - if [[ "$KONG_PROXY_LISTEN_ADDRESS" != "0.0.0.0" && "$KONG_PROXY_LISTEN_ADDRESS" != "127.0.0.1" ]]; then - warn "Kong Proxy is set to listen at ${KONG_PROXY_LISTEN_ADDRESS} instead of 0.0.0.0 or 127.0.0.1, this could make Kong inaccessible" - fi - fi - if is_boolean_yes "$KONG_ADMIN_LISTEN_OVERRIDE"; then - warn "KONG_ADMIN_LISTEN was set, it will not be validated and the environment variables KONG_ADMIN_LISTEN_ADDRESS, KONG_ADMIN_HTTP_PORT_NUMBER and KONG_ADMIN_HTTPS_PORT_NUMBER will be ignored" - else - used_ports+=(KONG_ADMIN_HTTP_PORT_NUMBER KONG_ADMIN_HTTPS_PORT_NUMBER) - if [[ "$KONG_ADMIN_LISTEN_ADDRESS" != "127.0.0.1" ]]; then - warn "Kong Admin is set to listen at ${KONG_ADMIN_LISTEN_ADDRESS} instead of 127.0.0.1, opening it to the outside could make it insecure" - fi - fi - for port in "${used_ports[@]}"; do - check_allowed_port "${port}" - done - if [[ "${#used_ports[@]}" -ne 0 ]]; then - check_conflicting_ports "${used_ports[@]}" - fi - - # Quit if any failures occurred - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Ensure Kong is initialized -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_initialize() { - info "Initializing Kong" - - info "Waiting for database connection to succeed" - kong_configure_from_environment_variables - - while ! kong_migrations_list_output="$(kong migrations list 2>&1)"; do - if is_boolean_yes "$KONG_MIGRATE" && [[ "$kong_migrations_list_output" =~ "Database needs bootstrapping"* ]] || [[ "$kong_migrations_list_output" =~ "migrations available" ]]; then - break - fi - debug "$kong_migrations_list_output" - debug "Database is still not ready, will retry" - sleep 1 - done - - if is_boolean_yes "$KONG_MIGRATE"; then - info "Migrating database" - kong migrations bootstrap - while ! kong migrations list; do - debug "Error during the initial bootstrap for the database, will retry" - kong migrations up - kong migrations finish - done - fi - - # Fix server ownership because of running the kong migrate commands as root - am_i_root && chown -R "$KONG_DAEMON_USER":"$KONG_DAEMON_GROUP" "$KONG_SERVER_DIR" "$KONG_CONF_DIR" - - # Set return code to avoid issues in previous commands - true -} - -######################## -# Set a configuration to Kong's configuration file -# Globals: -# KONG_CONF_FILE -# Arguments: -# $1 - key -# $2 - value -# Returns: -# None -######################### -kong_conf_set() { - local -r key="${1:?missing key}" - local -r value="${2:-}" - - # Check if the value was commented or set before - if grep -q "^#*${key}\s*=[^#]*" "$KONG_CONF_FILE"; then - debug "Updating entry for property '${key}' in configuration file" - # Update the existing key (leave trailing space for comments) - sed -ri "s|^#*(${key}\s*=)[^#]*|\1 ${value} |" "$KONG_CONF_FILE" - else - debug "Adding new entry for property '${key}' in configuration file" - # Add a new key - printf '%s = %s\n' "$key" "$value" >>"$KONG_CONF_FILE" - fi -} - -######################## -# Uncomment non-empty entries in Kong configuration -# Globals: -# KONG_CONF_FILE -# Arguments: -# None -# Returns: -# None -######################### -kong_configure_non_empty_values() { - # Uncomment all non-empty keys in the main Kong configuration file - sed -ri 's/^#+([a-z_ ]+)=(\s*[^# ]+)/\1=\2 /' "$KONG_CONF_FILE" - - # Comment read-only postgres connection parameters again, as default values fail to work properly - sed -ri 's/(^pg_ro_.+)=(\s*[^# ]+)/#\1=\2 /' "$KONG_CONF_FILE" -} - -######################## -# Configure Kong configuration files from environment variables -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_configure_from_environment_variables() { - # Map environment variables to config properties - for var in "${!KONG_CFG_@}"; do - key="$(echo "$var" | sed -e 's/^KONG_CFG_//g' | tr '[:upper:]' '[:lower:]')" - - value="${!var}" - kong_conf_set "$key" "$value" - done -} - -######################## -# Return true if kong is running -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -is_kong_running() { - if kong health 2>&1 | grep -E "Kong is healthy" >/dev/null; then - true - else - false - fi -} - -######################## -# Return true if kong is not running -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -is_kong_not_running() { - ! is_kong_running -} - -######################## -# Stop any background kong instance -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_stop() { - local -r retries=5 - local -r sleep_time=5 - kong stop - if ! retry_while is_kong_not_running "$retries" "$sleep_time"; then - error "Kong failed to shut down" - exit 1 - fi -} - -######################## -# Start kong in background -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_start_bg() { - local -r retries=5 - local -r sleep_time=5 - info "Starting kong in background" - kong start & - if retry_while is_kong_running "$retries" "$sleep_time"; then - info "Kong started successfully in background" - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# None -######################### -kong_custom_init_scripts() { - if [[ -n $(find "${KONG_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $KONG_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - kong_start_bg - find "${KONG_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - kong_stop - rm -f "$tmp_file" - else - info "No custom scripts in $KONG_INITSCRIPTS_DIR" - fi -} -######################## -# Find the path to the opentelemetry include files -# Globals: -# KONG_* -# Arguments: -# None -# Returns: -# Path to opentelemetry include dir -######################### -find_opentelemetry_source() { - local path - path="$(find "$KONG_BASE_DIR" -name "opentelemetry" -print | grep "include")" - echo "$path" -} - -######################## -# Installs opentelemetry plugin -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -install_opentelemetry() { - local -r source_dir="$(find_opentelemetry_source)" - local -r destination_dir="/usr/local/kong/include" - mkdir -p "$destination_dir" - ln -s "$source_dir" "${destination_dir}/opentelemetry" -} - -######################## -# Configure LUA_PATH and LUA_CPATH in the required files -# Globals: -# None -# Arguments: -# List of files to include the configuration -# Returns: -# None -######################### -configure_lua_paths() { - local -a dest_files=("${@}") - local -r lua_paths_file="/tmp/lua-paths.sh" - # Skip the PATH environment variable. We are already setting it. - "${KONG_BASE_DIR}/luarocks/bin/luarocks" path > "$lua_paths_file" - remove_in_file "$lua_paths_file" "^export\s+PATH=.*$" - for dest_file in "${dest_files[@]}"; do - echo "# 'luarocks path' configuration" >> "$dest_file" - cat "$lua_paths_file" >> "$dest_file" - done - rm --force "$lua_paths_file" -} diff --git a/bitnami/kong/3/debian-11/tags-info.yaml b/bitnami/kong/3/debian-11/tags-info.yaml deleted file mode 100644 index 5f882132e06c..000000000000 --- a/bitnami/kong/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.5.0 -- latest diff --git a/bitnami/ksql/7.1/debian-11/Dockerfile b/bitnami/ksql/7.1/debian-11/Dockerfile deleted file mode 100644 index 316cbb3a0fb7..000000000000 --- a/bitnami/ksql/7.1/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:34:48Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.1.11-debian-11-r23" \ - org.opencontainers.image.title="ksql" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.1.11" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl netcat-openbsd procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-11.0.22-12-2-linux-${OS_ARCH}-debian-11" \ - "ksql-7.1.11-11-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/ksql/postunpack.sh -ENV APP_VERSION="7.1.11" \ - BITNAMI_APP_NAME="ksql" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/common/bin:/opt/bitnami/ksql/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ksql/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ksql/run.sh" ] diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 5d87649787ae..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-2" - }, - "ksql": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.1.11-11" - } -} \ No newline at end of file diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ksql/7.1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh deleted file mode 100644 index cb85e657cdb1..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ksql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ksql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ksql_env_vars=( - KSQL_MOUNTED_CONF_DIR - KSQL_LISTENERS - KSQL_SSL_KEYSTORE_PASSWORD - KSQL_SSL_TRUSTSTORE_PASSWORD - KSQL_CLIENT_AUTHENTICATION - KSQL_BOOTSTRAP_SERVERS -) -for env_var in "${ksql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ksql_env_vars - -# Paths -export KSQL_BASE_DIR="${BITNAMI_ROOT_DIR}/ksql" -export KSQL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ksql" -export KSQL_DATA_DIR="${KSQL_VOLUME_DIR}/data" -export KSQL_BIN_DIR="${KSQL_BASE_DIR}/bin" -export KSQL_CONF_DIR="${KSQL_BASE_DIR}/etc/ksqldb" -export KSQL_LOGS_DIR="${KSQL_BASE_DIR}/logs" -export KSQL_CONF_FILE="${KSQL_CONF_DIR}/ksql-server.properties" -export KSQL_MOUNTED_CONF_DIR="${KSQL_MOUNTED_CONF_DIR:-${KSQL_VOLUME_DIR}/etc}" -export KSQL_CERTS_DIR="${KSQL_BASE_DIR}/certs" - -# System users (when running with a privileged user) -export KSQL_DAEMON_USER="ksql" -export KSQL_DAEMON_GROUP="ksql" -export KSQL_DEFAULT_LISTENERS="http://0.0.0.0:8088" # only used at build time -export KSQL_DEFAULT_BOOTSTRAP_SERVERS="localhost:9092" # only used at build time - -# KSQL settings -export KSQL_LISTENERS="${KSQL_LISTENERS:-}" -export KSQL_SSL_KEYSTORE_PASSWORD="${KSQL_SSL_KEYSTORE_PASSWORD:-}" -export KSQL_SSL_TRUSTSTORE_PASSWORD="${KSQL_SSL_TRUSTSTORE_PASSWORD:-}" -export KSQL_CLIENT_AUTHENTICATION="${KSQL_CLIENT_AUTHENTICATION:-}" -export KSQL_BOOTSTRAP_SERVERS="${KSQL_BOOTSTRAP_SERVERS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh deleted file mode 100755 index 93eb4a6921a3..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/ksql/run.sh" ]]; then - info "** Starting KSQL setup **" - /opt/bitnami/scripts/ksql/setup.sh - info "** KSQL setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh deleted file mode 100755 index 03bc0bf3cbc9..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Auxiliar functions - -######################## -# Create default config file -# Globals: -# KSQL_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -ksql_create_default_config_file() { - cat > "${KSQL_CONF_FILE}.default" << EOF -## The address(es) the socket server listens on. -## FORMAT: listener_name://hostname:port -## -listeners = ${KSQL_DEFAULT_LISTENERS} - -## The advertised address(es) the server is advertised on. -## FORMAT: listener_name://hostname:port -## -# advertised.listener = - -## Keystore & Trustore used to expose the REST API over HTTPS -## -ssl.client.authentication = NONE -# ssl.key.password = -# ssl.keystore.location = -# ssl.keystore.password = - -## List of Kafka brokers to connect to. -## FORMAT: broker_hostname:port -## -bootstrap.servers = ${KSQL_DEFAULT_BOOTSTRAP_SERVERS} - -## Schema Registry server to connect to: -## FORMAT: schema_registry_hostname:port -## -# ksql.schema.registry.url = - -## Login configuration -## -ksql.logging.processing.topic.auto.create = true -ksql.logging.processing.stream.auto.create = true -ksql.logging.processing.rows.include = false - -## Sets the storage directory for stateful operations -## -ksql.streams.state.dir = ${KSQL_DATA_DIR} -EOF -} - -# Create default configuration file -rm "$KSQL_CONF_FILE" -ksql_create_default_config_file -# Ensure directories used by KSQL exist and have proper ownership and permissions -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR" "$KSQL_CERTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh deleted file mode 100755 index de3220ba5673..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -info "** Starting KSQL **" - -__run_cmd="${KSQL_BIN_DIR}/ksql-server-start" -__run_flags=("$KSQL_CONF_FILE" "$@") - -if am_i_root; then - exec_as_user "$KSQL_DAEMON_USER" "$__run_cmd" "${__run_flags[@]}" -else - exec "$__run_cmd" "${__run_flags[@]}" -fi diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh deleted file mode 100755 index 9844fc758155..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Ensure KSQL environment variables are valid -ksql_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KSQL_DAEMON_USER" --group "$KSQL_DAEMON_GROUP" -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${KSQL_DAEMON_USER}:${KSQL_DAEMON_GROUP}" "$dir" -done - -# Ensure KSQL is initialized -ksql_initialize diff --git a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/libksql.sh b/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/libksql.sh deleted file mode 100644 index 2751ec112a1e..000000000000 --- a/bitnami/ksql/7.1/debian-11/rootfs/opt/bitnami/scripts/libksql.sh +++ /dev/null @@ -1,230 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Confluent KSQL library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Return listeners ports -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_ports() { - local ports - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ [a-zA-Z]*://.*:([0-9]*) ]]; then - ports+=("${BASH_REMATCH[1]}") - fi - done - echo "${ports[@]}" - else - echo "8081" - fi -} - -######################## -# Return listeners protocols -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_protocols() { - local protocols - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ ([a-zA-Z]*)://.*:[0-9]* ]]; then - protocols+=("${BASH_REMATCH[1]}") - fi - done - echo "${protocols[@]}" - else - echo "http" - fi -} - -######################## -# Validate settings in KSQL_* env vars -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_validate() { - info "Validating settings in KSQL_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (( "${!i}" == "${!j}" )); then - print_validation_error "There are listeners bound to the same port" - fi - done - done - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$1"); then - print_validation_error "An invalid port was specified in the environment variable KSQL_LISTENERS: $err" - fi - } - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a ports <<< "$(ksql_ports)" - for port in "${ports[@]}"; do - check_allowed_port "$port" - done - [[ "${#ports[@]}" -gt 1 ]] && check_conflicting_ports "${ports[@]}" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - if [[ ! -f ${KSQL_CERTS_DIR}/ssl.keystore.jks ]]; then - print_validation_error "In order to configure HTTPS access, you must mount your ssl.keystore.jks (and optionally the ssl.truststore.jks) to the ${KSQL_CERTS_DIR} directory." - fi - fi - fi - [[ -z "$KSQL_BOOTSTRAP_SERVERS" && ! -f "$KSQL_CONF_FILE" ]] && warn "KSQL_BOOTSTRAP_SERVERS should be provided" - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Set a configuration setting value to the configuration file -# Globals: -# KSQL_* -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -ksql_conf_set() { - local -r key="${1:?missing key}" - shift - local -r -a values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - ksql_conf_set "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[# ]*$key\s*=.*" "$KSQL_CONF_FILE"; then - # Update the existing key - replace_in_file "$KSQL_CONF_FILE" "^[# ]*${key}\s*=.*" "${key} = ${value}" false - else - # Add a new key - printf '\n%s = %s' "$key" "$value" >>"$KSQL_CONF_FILE" - fi - fi -} - -######################## -# Wait for Kafka brokers to be up -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_wait_for_kafka_brokers() { - local kafka_brokers - local host - local port - - info "Waiting for Kafka brokers to be up" - kafka_brokers="$(grep "^bootstrap.servers" "$KSQL_CONF_FILE" | cut -d '=' -f 2)" - read -r -a brokers <<< "$(tr ',;' ' ' <<< "${kafka_brokers/%,/}")" - for b in "${brokers[@]}"; do - if [[ "$b" =~ [_a-zA-Z]*://(.*):([0-9]*) ]]; then - host="${BASH_REMATCH[1]}" - port="${BASH_REMATCH[2]}" - if ! retry_while "debug_execute nc -z ${host} ${port}" 10 10; then - error "Failed to connect to the broker at $host:$port" - return 1 - fi - fi - done -} - -######################## -# Initialize Confluent KSQL -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_initialize() { - info "Initializing Confluent KSQL" - - # Check for mounted configuration files - if ! is_dir_empty "$KSQL_MOUNTED_CONF_DIR"; then - cp -Lr "$KSQL_MOUNTED_CONF_DIR"/* "$KSQL_CONF_DIR" - fi - if [[ -f "$KSQL_CONF_FILE" ]]; then - info "Injected configuration file found. Skipping default configuration" - else - info "No injected configuration files found, creating default config file." - mv "${KSQL_CONF_FILE}.default" "$KSQL_CONF_FILE" - - # Kafka boostrap settings - [[ -n "$KSQL_BOOTSTRAP_SERVERS" ]] && ksql_conf_set "bootstrap.servers" "$KSQL_BOOTSTRAP_SERVERS" - # Listeners settings - if [[ -n "$KSQL_LISTENERS" ]]; then - ksql_conf_set "listeners" "$KSQL_LISTENERS" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - ksql_conf_set "ssl.keystore.location" "${KSQL_CERTS_DIR}/ssl.keystore.jks" - [[ -n "$KSQL_SSL_KEYSTORE_PASSWORD" ]] && ksql_conf_set "ssl.keystore.password" "$KSQL_SSL_KEYSTORE_PASSWORD" - [[ -f "${KSQL_CERTS_DIR}/ssl.truststore.jks" ]] && ksql_conf_set "ssl.truststore.location" "${KSQL_CERTS_DIR}/ssl.truststore.jks" - [[ -n "$KSQL_SSL_TRUSTSTORE_PASSWORD" ]] && ksql_conf_set "ssl.truststore.password" "$KSQL_SSL_TRUSTSTORE_PASSWORD" - fi - [[ -n "$KSQL_CLIENT_AUTHENTICATION" ]] && ksql_conf_set "ssl.client.authentication" "$KSQL_CLIENT_AUTHENTICATION" - fi - fi - ksql_wait_for_kafka_brokers -} diff --git a/bitnami/ksql/7.1/debian-11/tags-info.yaml b/bitnami/ksql/7.1/debian-11/tags-info.yaml deleted file mode 100644 index 09c1c157c0fd..000000000000 --- a/bitnami/ksql/7.1/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7.1" -- 7.1-debian-11 -- 7.1.11 diff --git a/bitnami/ksql/7.2/debian-11/Dockerfile b/bitnami/ksql/7.2/debian-11/Dockerfile deleted file mode 100644 index 55b784e4374b..000000000000 --- a/bitnami/ksql/7.2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T07:42:39Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.2.9-debian-11-r22" \ - org.opencontainers.image.title="ksql" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.2.9" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl netcat-openbsd procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-11.0.22-12-2-linux-${OS_ARCH}-debian-11" \ - "ksql-7.2.9-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/ksql/postunpack.sh -ENV APP_VERSION="7.2.9" \ - BITNAMI_APP_NAME="ksql" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/common/bin:/opt/bitnami/ksql/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ksql/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ksql/run.sh" ] diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e35ea6db7e74..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.22-12-2" - }, - "ksql": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.2.9-2" - } -} \ No newline at end of file diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ksql/7.2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh deleted file mode 100644 index cb85e657cdb1..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ksql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ksql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ksql_env_vars=( - KSQL_MOUNTED_CONF_DIR - KSQL_LISTENERS - KSQL_SSL_KEYSTORE_PASSWORD - KSQL_SSL_TRUSTSTORE_PASSWORD - KSQL_CLIENT_AUTHENTICATION - KSQL_BOOTSTRAP_SERVERS -) -for env_var in "${ksql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ksql_env_vars - -# Paths -export KSQL_BASE_DIR="${BITNAMI_ROOT_DIR}/ksql" -export KSQL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ksql" -export KSQL_DATA_DIR="${KSQL_VOLUME_DIR}/data" -export KSQL_BIN_DIR="${KSQL_BASE_DIR}/bin" -export KSQL_CONF_DIR="${KSQL_BASE_DIR}/etc/ksqldb" -export KSQL_LOGS_DIR="${KSQL_BASE_DIR}/logs" -export KSQL_CONF_FILE="${KSQL_CONF_DIR}/ksql-server.properties" -export KSQL_MOUNTED_CONF_DIR="${KSQL_MOUNTED_CONF_DIR:-${KSQL_VOLUME_DIR}/etc}" -export KSQL_CERTS_DIR="${KSQL_BASE_DIR}/certs" - -# System users (when running with a privileged user) -export KSQL_DAEMON_USER="ksql" -export KSQL_DAEMON_GROUP="ksql" -export KSQL_DEFAULT_LISTENERS="http://0.0.0.0:8088" # only used at build time -export KSQL_DEFAULT_BOOTSTRAP_SERVERS="localhost:9092" # only used at build time - -# KSQL settings -export KSQL_LISTENERS="${KSQL_LISTENERS:-}" -export KSQL_SSL_KEYSTORE_PASSWORD="${KSQL_SSL_KEYSTORE_PASSWORD:-}" -export KSQL_SSL_TRUSTSTORE_PASSWORD="${KSQL_SSL_TRUSTSTORE_PASSWORD:-}" -export KSQL_CLIENT_AUTHENTICATION="${KSQL_CLIENT_AUTHENTICATION:-}" -export KSQL_BOOTSTRAP_SERVERS="${KSQL_BOOTSTRAP_SERVERS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh deleted file mode 100755 index 93eb4a6921a3..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/ksql/run.sh" ]]; then - info "** Starting KSQL setup **" - /opt/bitnami/scripts/ksql/setup.sh - info "** KSQL setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh deleted file mode 100755 index 03bc0bf3cbc9..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Auxiliar functions - -######################## -# Create default config file -# Globals: -# KSQL_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -ksql_create_default_config_file() { - cat > "${KSQL_CONF_FILE}.default" << EOF -## The address(es) the socket server listens on. -## FORMAT: listener_name://hostname:port -## -listeners = ${KSQL_DEFAULT_LISTENERS} - -## The advertised address(es) the server is advertised on. -## FORMAT: listener_name://hostname:port -## -# advertised.listener = - -## Keystore & Trustore used to expose the REST API over HTTPS -## -ssl.client.authentication = NONE -# ssl.key.password = -# ssl.keystore.location = -# ssl.keystore.password = - -## List of Kafka brokers to connect to. -## FORMAT: broker_hostname:port -## -bootstrap.servers = ${KSQL_DEFAULT_BOOTSTRAP_SERVERS} - -## Schema Registry server to connect to: -## FORMAT: schema_registry_hostname:port -## -# ksql.schema.registry.url = - -## Login configuration -## -ksql.logging.processing.topic.auto.create = true -ksql.logging.processing.stream.auto.create = true -ksql.logging.processing.rows.include = false - -## Sets the storage directory for stateful operations -## -ksql.streams.state.dir = ${KSQL_DATA_DIR} -EOF -} - -# Create default configuration file -rm "$KSQL_CONF_FILE" -ksql_create_default_config_file -# Ensure directories used by KSQL exist and have proper ownership and permissions -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR" "$KSQL_CERTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh deleted file mode 100755 index de3220ba5673..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -info "** Starting KSQL **" - -__run_cmd="${KSQL_BIN_DIR}/ksql-server-start" -__run_flags=("$KSQL_CONF_FILE" "$@") - -if am_i_root; then - exec_as_user "$KSQL_DAEMON_USER" "$__run_cmd" "${__run_flags[@]}" -else - exec "$__run_cmd" "${__run_flags[@]}" -fi diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh deleted file mode 100755 index 9844fc758155..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Ensure KSQL environment variables are valid -ksql_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KSQL_DAEMON_USER" --group "$KSQL_DAEMON_GROUP" -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${KSQL_DAEMON_USER}:${KSQL_DAEMON_GROUP}" "$dir" -done - -# Ensure KSQL is initialized -ksql_initialize diff --git a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/libksql.sh b/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/libksql.sh deleted file mode 100644 index 2751ec112a1e..000000000000 --- a/bitnami/ksql/7.2/debian-11/rootfs/opt/bitnami/scripts/libksql.sh +++ /dev/null @@ -1,230 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Confluent KSQL library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Return listeners ports -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_ports() { - local ports - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ [a-zA-Z]*://.*:([0-9]*) ]]; then - ports+=("${BASH_REMATCH[1]}") - fi - done - echo "${ports[@]}" - else - echo "8081" - fi -} - -######################## -# Return listeners protocols -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_protocols() { - local protocols - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ ([a-zA-Z]*)://.*:[0-9]* ]]; then - protocols+=("${BASH_REMATCH[1]}") - fi - done - echo "${protocols[@]}" - else - echo "http" - fi -} - -######################## -# Validate settings in KSQL_* env vars -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_validate() { - info "Validating settings in KSQL_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (( "${!i}" == "${!j}" )); then - print_validation_error "There are listeners bound to the same port" - fi - done - done - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$1"); then - print_validation_error "An invalid port was specified in the environment variable KSQL_LISTENERS: $err" - fi - } - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a ports <<< "$(ksql_ports)" - for port in "${ports[@]}"; do - check_allowed_port "$port" - done - [[ "${#ports[@]}" -gt 1 ]] && check_conflicting_ports "${ports[@]}" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - if [[ ! -f ${KSQL_CERTS_DIR}/ssl.keystore.jks ]]; then - print_validation_error "In order to configure HTTPS access, you must mount your ssl.keystore.jks (and optionally the ssl.truststore.jks) to the ${KSQL_CERTS_DIR} directory." - fi - fi - fi - [[ -z "$KSQL_BOOTSTRAP_SERVERS" && ! -f "$KSQL_CONF_FILE" ]] && warn "KSQL_BOOTSTRAP_SERVERS should be provided" - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Set a configuration setting value to the configuration file -# Globals: -# KSQL_* -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -ksql_conf_set() { - local -r key="${1:?missing key}" - shift - local -r -a values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - ksql_conf_set "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[# ]*$key\s*=.*" "$KSQL_CONF_FILE"; then - # Update the existing key - replace_in_file "$KSQL_CONF_FILE" "^[# ]*${key}\s*=.*" "${key} = ${value}" false - else - # Add a new key - printf '\n%s = %s' "$key" "$value" >>"$KSQL_CONF_FILE" - fi - fi -} - -######################## -# Wait for Kafka brokers to be up -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_wait_for_kafka_brokers() { - local kafka_brokers - local host - local port - - info "Waiting for Kafka brokers to be up" - kafka_brokers="$(grep "^bootstrap.servers" "$KSQL_CONF_FILE" | cut -d '=' -f 2)" - read -r -a brokers <<< "$(tr ',;' ' ' <<< "${kafka_brokers/%,/}")" - for b in "${brokers[@]}"; do - if [[ "$b" =~ [_a-zA-Z]*://(.*):([0-9]*) ]]; then - host="${BASH_REMATCH[1]}" - port="${BASH_REMATCH[2]}" - if ! retry_while "debug_execute nc -z ${host} ${port}" 10 10; then - error "Failed to connect to the broker at $host:$port" - return 1 - fi - fi - done -} - -######################## -# Initialize Confluent KSQL -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_initialize() { - info "Initializing Confluent KSQL" - - # Check for mounted configuration files - if ! is_dir_empty "$KSQL_MOUNTED_CONF_DIR"; then - cp -Lr "$KSQL_MOUNTED_CONF_DIR"/* "$KSQL_CONF_DIR" - fi - if [[ -f "$KSQL_CONF_FILE" ]]; then - info "Injected configuration file found. Skipping default configuration" - else - info "No injected configuration files found, creating default config file." - mv "${KSQL_CONF_FILE}.default" "$KSQL_CONF_FILE" - - # Kafka boostrap settings - [[ -n "$KSQL_BOOTSTRAP_SERVERS" ]] && ksql_conf_set "bootstrap.servers" "$KSQL_BOOTSTRAP_SERVERS" - # Listeners settings - if [[ -n "$KSQL_LISTENERS" ]]; then - ksql_conf_set "listeners" "$KSQL_LISTENERS" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - ksql_conf_set "ssl.keystore.location" "${KSQL_CERTS_DIR}/ssl.keystore.jks" - [[ -n "$KSQL_SSL_KEYSTORE_PASSWORD" ]] && ksql_conf_set "ssl.keystore.password" "$KSQL_SSL_KEYSTORE_PASSWORD" - [[ -f "${KSQL_CERTS_DIR}/ssl.truststore.jks" ]] && ksql_conf_set "ssl.truststore.location" "${KSQL_CERTS_DIR}/ssl.truststore.jks" - [[ -n "$KSQL_SSL_TRUSTSTORE_PASSWORD" ]] && ksql_conf_set "ssl.truststore.password" "$KSQL_SSL_TRUSTSTORE_PASSWORD" - fi - [[ -n "$KSQL_CLIENT_AUTHENTICATION" ]] && ksql_conf_set "ssl.client.authentication" "$KSQL_CLIENT_AUTHENTICATION" - fi - fi - ksql_wait_for_kafka_brokers -} diff --git a/bitnami/ksql/7.2/debian-11/tags-info.yaml b/bitnami/ksql/7.2/debian-11/tags-info.yaml deleted file mode 100644 index afd30095e746..000000000000 --- a/bitnami/ksql/7.2/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7.2" -- 7.2-debian-11 -- 7.2.9 diff --git a/bitnami/ksql/7.3/debian-11/Dockerfile b/bitnami/ksql/7.3/debian-11/Dockerfile deleted file mode 100644 index 88963cd888b0..000000000000 --- a/bitnami/ksql/7.3/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T08:16:01Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.3.7-debian-11-r20" \ - org.opencontainers.image.title="ksql" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.3.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl netcat-openbsd procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-2-linux-${OS_ARCH}-debian-11" \ - "ksql-7.3.7-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/ksql/postunpack.sh -ENV APP_VERSION="7.3.7" \ - BITNAMI_APP_NAME="ksql" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/common/bin:/opt/bitnami/ksql/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ksql/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ksql/run.sh" ] diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index baac03239304..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-2" - }, - "ksql": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.3.7-2" - } -} \ No newline at end of file diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ksql/7.3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh deleted file mode 100644 index cb85e657cdb1..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ksql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ksql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ksql_env_vars=( - KSQL_MOUNTED_CONF_DIR - KSQL_LISTENERS - KSQL_SSL_KEYSTORE_PASSWORD - KSQL_SSL_TRUSTSTORE_PASSWORD - KSQL_CLIENT_AUTHENTICATION - KSQL_BOOTSTRAP_SERVERS -) -for env_var in "${ksql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ksql_env_vars - -# Paths -export KSQL_BASE_DIR="${BITNAMI_ROOT_DIR}/ksql" -export KSQL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ksql" -export KSQL_DATA_DIR="${KSQL_VOLUME_DIR}/data" -export KSQL_BIN_DIR="${KSQL_BASE_DIR}/bin" -export KSQL_CONF_DIR="${KSQL_BASE_DIR}/etc/ksqldb" -export KSQL_LOGS_DIR="${KSQL_BASE_DIR}/logs" -export KSQL_CONF_FILE="${KSQL_CONF_DIR}/ksql-server.properties" -export KSQL_MOUNTED_CONF_DIR="${KSQL_MOUNTED_CONF_DIR:-${KSQL_VOLUME_DIR}/etc}" -export KSQL_CERTS_DIR="${KSQL_BASE_DIR}/certs" - -# System users (when running with a privileged user) -export KSQL_DAEMON_USER="ksql" -export KSQL_DAEMON_GROUP="ksql" -export KSQL_DEFAULT_LISTENERS="http://0.0.0.0:8088" # only used at build time -export KSQL_DEFAULT_BOOTSTRAP_SERVERS="localhost:9092" # only used at build time - -# KSQL settings -export KSQL_LISTENERS="${KSQL_LISTENERS:-}" -export KSQL_SSL_KEYSTORE_PASSWORD="${KSQL_SSL_KEYSTORE_PASSWORD:-}" -export KSQL_SSL_TRUSTSTORE_PASSWORD="${KSQL_SSL_TRUSTSTORE_PASSWORD:-}" -export KSQL_CLIENT_AUTHENTICATION="${KSQL_CLIENT_AUTHENTICATION:-}" -export KSQL_BOOTSTRAP_SERVERS="${KSQL_BOOTSTRAP_SERVERS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh deleted file mode 100755 index 93eb4a6921a3..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/ksql/run.sh" ]]; then - info "** Starting KSQL setup **" - /opt/bitnami/scripts/ksql/setup.sh - info "** KSQL setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh deleted file mode 100755 index 03bc0bf3cbc9..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Auxiliar functions - -######################## -# Create default config file -# Globals: -# KSQL_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -ksql_create_default_config_file() { - cat > "${KSQL_CONF_FILE}.default" << EOF -## The address(es) the socket server listens on. -## FORMAT: listener_name://hostname:port -## -listeners = ${KSQL_DEFAULT_LISTENERS} - -## The advertised address(es) the server is advertised on. -## FORMAT: listener_name://hostname:port -## -# advertised.listener = - -## Keystore & Trustore used to expose the REST API over HTTPS -## -ssl.client.authentication = NONE -# ssl.key.password = -# ssl.keystore.location = -# ssl.keystore.password = - -## List of Kafka brokers to connect to. -## FORMAT: broker_hostname:port -## -bootstrap.servers = ${KSQL_DEFAULT_BOOTSTRAP_SERVERS} - -## Schema Registry server to connect to: -## FORMAT: schema_registry_hostname:port -## -# ksql.schema.registry.url = - -## Login configuration -## -ksql.logging.processing.topic.auto.create = true -ksql.logging.processing.stream.auto.create = true -ksql.logging.processing.rows.include = false - -## Sets the storage directory for stateful operations -## -ksql.streams.state.dir = ${KSQL_DATA_DIR} -EOF -} - -# Create default configuration file -rm "$KSQL_CONF_FILE" -ksql_create_default_config_file -# Ensure directories used by KSQL exist and have proper ownership and permissions -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR" "$KSQL_CERTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh deleted file mode 100755 index de3220ba5673..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -info "** Starting KSQL **" - -__run_cmd="${KSQL_BIN_DIR}/ksql-server-start" -__run_flags=("$KSQL_CONF_FILE" "$@") - -if am_i_root; then - exec_as_user "$KSQL_DAEMON_USER" "$__run_cmd" "${__run_flags[@]}" -else - exec "$__run_cmd" "${__run_flags[@]}" -fi diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh deleted file mode 100755 index 9844fc758155..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Ensure KSQL environment variables are valid -ksql_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KSQL_DAEMON_USER" --group "$KSQL_DAEMON_GROUP" -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${KSQL_DAEMON_USER}:${KSQL_DAEMON_GROUP}" "$dir" -done - -# Ensure KSQL is initialized -ksql_initialize diff --git a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/libksql.sh b/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/libksql.sh deleted file mode 100644 index 2751ec112a1e..000000000000 --- a/bitnami/ksql/7.3/debian-11/rootfs/opt/bitnami/scripts/libksql.sh +++ /dev/null @@ -1,230 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Confluent KSQL library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Return listeners ports -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_ports() { - local ports - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ [a-zA-Z]*://.*:([0-9]*) ]]; then - ports+=("${BASH_REMATCH[1]}") - fi - done - echo "${ports[@]}" - else - echo "8081" - fi -} - -######################## -# Return listeners protocols -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_protocols() { - local protocols - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ ([a-zA-Z]*)://.*:[0-9]* ]]; then - protocols+=("${BASH_REMATCH[1]}") - fi - done - echo "${protocols[@]}" - else - echo "http" - fi -} - -######################## -# Validate settings in KSQL_* env vars -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_validate() { - info "Validating settings in KSQL_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (( "${!i}" == "${!j}" )); then - print_validation_error "There are listeners bound to the same port" - fi - done - done - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$1"); then - print_validation_error "An invalid port was specified in the environment variable KSQL_LISTENERS: $err" - fi - } - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a ports <<< "$(ksql_ports)" - for port in "${ports[@]}"; do - check_allowed_port "$port" - done - [[ "${#ports[@]}" -gt 1 ]] && check_conflicting_ports "${ports[@]}" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - if [[ ! -f ${KSQL_CERTS_DIR}/ssl.keystore.jks ]]; then - print_validation_error "In order to configure HTTPS access, you must mount your ssl.keystore.jks (and optionally the ssl.truststore.jks) to the ${KSQL_CERTS_DIR} directory." - fi - fi - fi - [[ -z "$KSQL_BOOTSTRAP_SERVERS" && ! -f "$KSQL_CONF_FILE" ]] && warn "KSQL_BOOTSTRAP_SERVERS should be provided" - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Set a configuration setting value to the configuration file -# Globals: -# KSQL_* -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -ksql_conf_set() { - local -r key="${1:?missing key}" - shift - local -r -a values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - ksql_conf_set "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[# ]*$key\s*=.*" "$KSQL_CONF_FILE"; then - # Update the existing key - replace_in_file "$KSQL_CONF_FILE" "^[# ]*${key}\s*=.*" "${key} = ${value}" false - else - # Add a new key - printf '\n%s = %s' "$key" "$value" >>"$KSQL_CONF_FILE" - fi - fi -} - -######################## -# Wait for Kafka brokers to be up -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_wait_for_kafka_brokers() { - local kafka_brokers - local host - local port - - info "Waiting for Kafka brokers to be up" - kafka_brokers="$(grep "^bootstrap.servers" "$KSQL_CONF_FILE" | cut -d '=' -f 2)" - read -r -a brokers <<< "$(tr ',;' ' ' <<< "${kafka_brokers/%,/}")" - for b in "${brokers[@]}"; do - if [[ "$b" =~ [_a-zA-Z]*://(.*):([0-9]*) ]]; then - host="${BASH_REMATCH[1]}" - port="${BASH_REMATCH[2]}" - if ! retry_while "debug_execute nc -z ${host} ${port}" 10 10; then - error "Failed to connect to the broker at $host:$port" - return 1 - fi - fi - done -} - -######################## -# Initialize Confluent KSQL -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_initialize() { - info "Initializing Confluent KSQL" - - # Check for mounted configuration files - if ! is_dir_empty "$KSQL_MOUNTED_CONF_DIR"; then - cp -Lr "$KSQL_MOUNTED_CONF_DIR"/* "$KSQL_CONF_DIR" - fi - if [[ -f "$KSQL_CONF_FILE" ]]; then - info "Injected configuration file found. Skipping default configuration" - else - info "No injected configuration files found, creating default config file." - mv "${KSQL_CONF_FILE}.default" "$KSQL_CONF_FILE" - - # Kafka boostrap settings - [[ -n "$KSQL_BOOTSTRAP_SERVERS" ]] && ksql_conf_set "bootstrap.servers" "$KSQL_BOOTSTRAP_SERVERS" - # Listeners settings - if [[ -n "$KSQL_LISTENERS" ]]; then - ksql_conf_set "listeners" "$KSQL_LISTENERS" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - ksql_conf_set "ssl.keystore.location" "${KSQL_CERTS_DIR}/ssl.keystore.jks" - [[ -n "$KSQL_SSL_KEYSTORE_PASSWORD" ]] && ksql_conf_set "ssl.keystore.password" "$KSQL_SSL_KEYSTORE_PASSWORD" - [[ -f "${KSQL_CERTS_DIR}/ssl.truststore.jks" ]] && ksql_conf_set "ssl.truststore.location" "${KSQL_CERTS_DIR}/ssl.truststore.jks" - [[ -n "$KSQL_SSL_TRUSTSTORE_PASSWORD" ]] && ksql_conf_set "ssl.truststore.password" "$KSQL_SSL_TRUSTSTORE_PASSWORD" - fi - [[ -n "$KSQL_CLIENT_AUTHENTICATION" ]] && ksql_conf_set "ssl.client.authentication" "$KSQL_CLIENT_AUTHENTICATION" - fi - fi - ksql_wait_for_kafka_brokers -} diff --git a/bitnami/ksql/7.3/debian-11/tags-info.yaml b/bitnami/ksql/7.3/debian-11/tags-info.yaml deleted file mode 100644 index 6a883e4c35d9..000000000000 --- a/bitnami/ksql/7.3/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7.3" -- 7.3-debian-11 -- 7.3.7 diff --git a/bitnami/ksql/7.4/debian-11/Dockerfile b/bitnami/ksql/7.4/debian-11/Dockerfile deleted file mode 100644 index 5b2688a313fa..000000000000 --- a/bitnami/ksql/7.4/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:54:57Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.4.4-debian-11-r21" \ - org.opencontainers.image.title="ksql" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.4.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl netcat-openbsd procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "ksql-7.4.4-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/ksql/postunpack.sh -ENV APP_VERSION="7.4.4" \ - BITNAMI_APP_NAME="ksql" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/common/bin:/opt/bitnami/ksql/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ksql/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ksql/run.sh" ] diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f44308fa7fcf..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "ksql": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.4.4-1" - } -} \ No newline at end of file diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ksql/7.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh deleted file mode 100644 index cb85e657cdb1..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ksql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ksql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ksql_env_vars=( - KSQL_MOUNTED_CONF_DIR - KSQL_LISTENERS - KSQL_SSL_KEYSTORE_PASSWORD - KSQL_SSL_TRUSTSTORE_PASSWORD - KSQL_CLIENT_AUTHENTICATION - KSQL_BOOTSTRAP_SERVERS -) -for env_var in "${ksql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ksql_env_vars - -# Paths -export KSQL_BASE_DIR="${BITNAMI_ROOT_DIR}/ksql" -export KSQL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ksql" -export KSQL_DATA_DIR="${KSQL_VOLUME_DIR}/data" -export KSQL_BIN_DIR="${KSQL_BASE_DIR}/bin" -export KSQL_CONF_DIR="${KSQL_BASE_DIR}/etc/ksqldb" -export KSQL_LOGS_DIR="${KSQL_BASE_DIR}/logs" -export KSQL_CONF_FILE="${KSQL_CONF_DIR}/ksql-server.properties" -export KSQL_MOUNTED_CONF_DIR="${KSQL_MOUNTED_CONF_DIR:-${KSQL_VOLUME_DIR}/etc}" -export KSQL_CERTS_DIR="${KSQL_BASE_DIR}/certs" - -# System users (when running with a privileged user) -export KSQL_DAEMON_USER="ksql" -export KSQL_DAEMON_GROUP="ksql" -export KSQL_DEFAULT_LISTENERS="http://0.0.0.0:8088" # only used at build time -export KSQL_DEFAULT_BOOTSTRAP_SERVERS="localhost:9092" # only used at build time - -# KSQL settings -export KSQL_LISTENERS="${KSQL_LISTENERS:-}" -export KSQL_SSL_KEYSTORE_PASSWORD="${KSQL_SSL_KEYSTORE_PASSWORD:-}" -export KSQL_SSL_TRUSTSTORE_PASSWORD="${KSQL_SSL_TRUSTSTORE_PASSWORD:-}" -export KSQL_CLIENT_AUTHENTICATION="${KSQL_CLIENT_AUTHENTICATION:-}" -export KSQL_BOOTSTRAP_SERVERS="${KSQL_BOOTSTRAP_SERVERS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh deleted file mode 100755 index 93eb4a6921a3..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/ksql/run.sh" ]]; then - info "** Starting KSQL setup **" - /opt/bitnami/scripts/ksql/setup.sh - info "** KSQL setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh deleted file mode 100755 index 03bc0bf3cbc9..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Auxiliar functions - -######################## -# Create default config file -# Globals: -# KSQL_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -ksql_create_default_config_file() { - cat > "${KSQL_CONF_FILE}.default" << EOF -## The address(es) the socket server listens on. -## FORMAT: listener_name://hostname:port -## -listeners = ${KSQL_DEFAULT_LISTENERS} - -## The advertised address(es) the server is advertised on. -## FORMAT: listener_name://hostname:port -## -# advertised.listener = - -## Keystore & Trustore used to expose the REST API over HTTPS -## -ssl.client.authentication = NONE -# ssl.key.password = -# ssl.keystore.location = -# ssl.keystore.password = - -## List of Kafka brokers to connect to. -## FORMAT: broker_hostname:port -## -bootstrap.servers = ${KSQL_DEFAULT_BOOTSTRAP_SERVERS} - -## Schema Registry server to connect to: -## FORMAT: schema_registry_hostname:port -## -# ksql.schema.registry.url = - -## Login configuration -## -ksql.logging.processing.topic.auto.create = true -ksql.logging.processing.stream.auto.create = true -ksql.logging.processing.rows.include = false - -## Sets the storage directory for stateful operations -## -ksql.streams.state.dir = ${KSQL_DATA_DIR} -EOF -} - -# Create default configuration file -rm "$KSQL_CONF_FILE" -ksql_create_default_config_file -# Ensure directories used by KSQL exist and have proper ownership and permissions -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR" "$KSQL_CERTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh deleted file mode 100755 index de3220ba5673..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -info "** Starting KSQL **" - -__run_cmd="${KSQL_BIN_DIR}/ksql-server-start" -__run_flags=("$KSQL_CONF_FILE" "$@") - -if am_i_root; then - exec_as_user "$KSQL_DAEMON_USER" "$__run_cmd" "${__run_flags[@]}" -else - exec "$__run_cmd" "${__run_flags[@]}" -fi diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh deleted file mode 100755 index 9844fc758155..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Ensure KSQL environment variables are valid -ksql_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KSQL_DAEMON_USER" --group "$KSQL_DAEMON_GROUP" -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${KSQL_DAEMON_USER}:${KSQL_DAEMON_GROUP}" "$dir" -done - -# Ensure KSQL is initialized -ksql_initialize diff --git a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/libksql.sh b/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/libksql.sh deleted file mode 100644 index 2751ec112a1e..000000000000 --- a/bitnami/ksql/7.4/debian-11/rootfs/opt/bitnami/scripts/libksql.sh +++ /dev/null @@ -1,230 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Confluent KSQL library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Return listeners ports -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_ports() { - local ports - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ [a-zA-Z]*://.*:([0-9]*) ]]; then - ports+=("${BASH_REMATCH[1]}") - fi - done - echo "${ports[@]}" - else - echo "8081" - fi -} - -######################## -# Return listeners protocols -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_protocols() { - local protocols - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ ([a-zA-Z]*)://.*:[0-9]* ]]; then - protocols+=("${BASH_REMATCH[1]}") - fi - done - echo "${protocols[@]}" - else - echo "http" - fi -} - -######################## -# Validate settings in KSQL_* env vars -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_validate() { - info "Validating settings in KSQL_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (( "${!i}" == "${!j}" )); then - print_validation_error "There are listeners bound to the same port" - fi - done - done - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$1"); then - print_validation_error "An invalid port was specified in the environment variable KSQL_LISTENERS: $err" - fi - } - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a ports <<< "$(ksql_ports)" - for port in "${ports[@]}"; do - check_allowed_port "$port" - done - [[ "${#ports[@]}" -gt 1 ]] && check_conflicting_ports "${ports[@]}" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - if [[ ! -f ${KSQL_CERTS_DIR}/ssl.keystore.jks ]]; then - print_validation_error "In order to configure HTTPS access, you must mount your ssl.keystore.jks (and optionally the ssl.truststore.jks) to the ${KSQL_CERTS_DIR} directory." - fi - fi - fi - [[ -z "$KSQL_BOOTSTRAP_SERVERS" && ! -f "$KSQL_CONF_FILE" ]] && warn "KSQL_BOOTSTRAP_SERVERS should be provided" - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Set a configuration setting value to the configuration file -# Globals: -# KSQL_* -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -ksql_conf_set() { - local -r key="${1:?missing key}" - shift - local -r -a values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - ksql_conf_set "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[# ]*$key\s*=.*" "$KSQL_CONF_FILE"; then - # Update the existing key - replace_in_file "$KSQL_CONF_FILE" "^[# ]*${key}\s*=.*" "${key} = ${value}" false - else - # Add a new key - printf '\n%s = %s' "$key" "$value" >>"$KSQL_CONF_FILE" - fi - fi -} - -######################## -# Wait for Kafka brokers to be up -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_wait_for_kafka_brokers() { - local kafka_brokers - local host - local port - - info "Waiting for Kafka brokers to be up" - kafka_brokers="$(grep "^bootstrap.servers" "$KSQL_CONF_FILE" | cut -d '=' -f 2)" - read -r -a brokers <<< "$(tr ',;' ' ' <<< "${kafka_brokers/%,/}")" - for b in "${brokers[@]}"; do - if [[ "$b" =~ [_a-zA-Z]*://(.*):([0-9]*) ]]; then - host="${BASH_REMATCH[1]}" - port="${BASH_REMATCH[2]}" - if ! retry_while "debug_execute nc -z ${host} ${port}" 10 10; then - error "Failed to connect to the broker at $host:$port" - return 1 - fi - fi - done -} - -######################## -# Initialize Confluent KSQL -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_initialize() { - info "Initializing Confluent KSQL" - - # Check for mounted configuration files - if ! is_dir_empty "$KSQL_MOUNTED_CONF_DIR"; then - cp -Lr "$KSQL_MOUNTED_CONF_DIR"/* "$KSQL_CONF_DIR" - fi - if [[ -f "$KSQL_CONF_FILE" ]]; then - info "Injected configuration file found. Skipping default configuration" - else - info "No injected configuration files found, creating default config file." - mv "${KSQL_CONF_FILE}.default" "$KSQL_CONF_FILE" - - # Kafka boostrap settings - [[ -n "$KSQL_BOOTSTRAP_SERVERS" ]] && ksql_conf_set "bootstrap.servers" "$KSQL_BOOTSTRAP_SERVERS" - # Listeners settings - if [[ -n "$KSQL_LISTENERS" ]]; then - ksql_conf_set "listeners" "$KSQL_LISTENERS" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - ksql_conf_set "ssl.keystore.location" "${KSQL_CERTS_DIR}/ssl.keystore.jks" - [[ -n "$KSQL_SSL_KEYSTORE_PASSWORD" ]] && ksql_conf_set "ssl.keystore.password" "$KSQL_SSL_KEYSTORE_PASSWORD" - [[ -f "${KSQL_CERTS_DIR}/ssl.truststore.jks" ]] && ksql_conf_set "ssl.truststore.location" "${KSQL_CERTS_DIR}/ssl.truststore.jks" - [[ -n "$KSQL_SSL_TRUSTSTORE_PASSWORD" ]] && ksql_conf_set "ssl.truststore.password" "$KSQL_SSL_TRUSTSTORE_PASSWORD" - fi - [[ -n "$KSQL_CLIENT_AUTHENTICATION" ]] && ksql_conf_set "ssl.client.authentication" "$KSQL_CLIENT_AUTHENTICATION" - fi - fi - ksql_wait_for_kafka_brokers -} diff --git a/bitnami/ksql/7.4/debian-11/tags-info.yaml b/bitnami/ksql/7.4/debian-11/tags-info.yaml deleted file mode 100644 index 1882725ec65e..000000000000 --- a/bitnami/ksql/7.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7.4" -- 7.4-debian-11 -- 7.4.4 diff --git a/bitnami/ksql/7.5/debian-11/Dockerfile b/bitnami/ksql/7.5/debian-11/Dockerfile deleted file mode 100644 index 9a639a394c9e..000000000000 --- a/bitnami/ksql/7.5/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:57:28Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.5.3-debian-11-r22" \ - org.opencontainers.image.title="ksql" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.5.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl netcat-openbsd procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "ksql-7.5.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/ksql/postunpack.sh -ENV APP_VERSION="7.5.3" \ - BITNAMI_APP_NAME="ksql" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/java/bin:/opt/bitnami/common/bin:/opt/bitnami/ksql/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/ksql/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/ksql/run.sh" ] diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 667ad766befa..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "ksql": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.5.3-1" - } -} \ No newline at end of file diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/ksql/7.5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh deleted file mode 100644 index cb85e657cdb1..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql-env.sh +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for ksql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-ksql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -ksql_env_vars=( - KSQL_MOUNTED_CONF_DIR - KSQL_LISTENERS - KSQL_SSL_KEYSTORE_PASSWORD - KSQL_SSL_TRUSTSTORE_PASSWORD - KSQL_CLIENT_AUTHENTICATION - KSQL_BOOTSTRAP_SERVERS -) -for env_var in "${ksql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset ksql_env_vars - -# Paths -export KSQL_BASE_DIR="${BITNAMI_ROOT_DIR}/ksql" -export KSQL_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/ksql" -export KSQL_DATA_DIR="${KSQL_VOLUME_DIR}/data" -export KSQL_BIN_DIR="${KSQL_BASE_DIR}/bin" -export KSQL_CONF_DIR="${KSQL_BASE_DIR}/etc/ksqldb" -export KSQL_LOGS_DIR="${KSQL_BASE_DIR}/logs" -export KSQL_CONF_FILE="${KSQL_CONF_DIR}/ksql-server.properties" -export KSQL_MOUNTED_CONF_DIR="${KSQL_MOUNTED_CONF_DIR:-${KSQL_VOLUME_DIR}/etc}" -export KSQL_CERTS_DIR="${KSQL_BASE_DIR}/certs" - -# System users (when running with a privileged user) -export KSQL_DAEMON_USER="ksql" -export KSQL_DAEMON_GROUP="ksql" -export KSQL_DEFAULT_LISTENERS="http://0.0.0.0:8088" # only used at build time -export KSQL_DEFAULT_BOOTSTRAP_SERVERS="localhost:9092" # only used at build time - -# KSQL settings -export KSQL_LISTENERS="${KSQL_LISTENERS:-}" -export KSQL_SSL_KEYSTORE_PASSWORD="${KSQL_SSL_KEYSTORE_PASSWORD:-}" -export KSQL_SSL_TRUSTSTORE_PASSWORD="${KSQL_SSL_TRUSTSTORE_PASSWORD:-}" -export KSQL_CLIENT_AUTHENTICATION="${KSQL_CLIENT_AUTHENTICATION:-}" -export KSQL_BOOTSTRAP_SERVERS="${KSQL_BOOTSTRAP_SERVERS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh deleted file mode 100755 index 93eb4a6921a3..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/ksql/run.sh" ]]; then - info "** Starting KSQL setup **" - /opt/bitnami/scripts/ksql/setup.sh - info "** KSQL setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh deleted file mode 100755 index 03bc0bf3cbc9..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/postunpack.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Auxiliar functions - -######################## -# Create default config file -# Globals: -# KSQL_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -ksql_create_default_config_file() { - cat > "${KSQL_CONF_FILE}.default" << EOF -## The address(es) the socket server listens on. -## FORMAT: listener_name://hostname:port -## -listeners = ${KSQL_DEFAULT_LISTENERS} - -## The advertised address(es) the server is advertised on. -## FORMAT: listener_name://hostname:port -## -# advertised.listener = - -## Keystore & Trustore used to expose the REST API over HTTPS -## -ssl.client.authentication = NONE -# ssl.key.password = -# ssl.keystore.location = -# ssl.keystore.password = - -## List of Kafka brokers to connect to. -## FORMAT: broker_hostname:port -## -bootstrap.servers = ${KSQL_DEFAULT_BOOTSTRAP_SERVERS} - -## Schema Registry server to connect to: -## FORMAT: schema_registry_hostname:port -## -# ksql.schema.registry.url = - -## Login configuration -## -ksql.logging.processing.topic.auto.create = true -ksql.logging.processing.stream.auto.create = true -ksql.logging.processing.rows.include = false - -## Sets the storage directory for stateful operations -## -ksql.streams.state.dir = ${KSQL_DATA_DIR} -EOF -} - -# Create default configuration file -rm "$KSQL_CONF_FILE" -ksql_create_default_config_file -# Ensure directories used by KSQL exist and have proper ownership and permissions -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR" "$KSQL_CERTS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh deleted file mode 100755 index de3220ba5673..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -info "** Starting KSQL **" - -__run_cmd="${KSQL_BIN_DIR}/ksql-server-start" -__run_flags=("$KSQL_CONF_FILE" "$@") - -if am_i_root; then - exec_as_user "$KSQL_DAEMON_USER" "$__run_cmd" "${__run_flags[@]}" -else - exec "$__run_cmd" "${__run_flags[@]}" -fi diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh deleted file mode 100755 index 9844fc758155..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/ksql/setup.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libksql.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load KSQL environment variables -. /opt/bitnami/scripts/ksql-env.sh - -# Ensure KSQL environment variables are valid -ksql_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$KSQL_DAEMON_USER" --group "$KSQL_DAEMON_GROUP" -for dir in "$KSQL_CONF_DIR" "$KSQL_DATA_DIR" "$KSQL_LOGS_DIR"; do - ensure_dir_exists "$dir" - am_i_root && chown -R "${KSQL_DAEMON_USER}:${KSQL_DAEMON_GROUP}" "$dir" -done - -# Ensure KSQL is initialized -ksql_initialize diff --git a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/libksql.sh b/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/libksql.sh deleted file mode 100644 index 2751ec112a1e..000000000000 --- a/bitnami/ksql/7.5/debian-11/rootfs/opt/bitnami/scripts/libksql.sh +++ /dev/null @@ -1,230 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Confluent KSQL library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Return listeners ports -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_ports() { - local ports - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ [a-zA-Z]*://.*:([0-9]*) ]]; then - ports+=("${BASH_REMATCH[1]}") - fi - done - echo "${ports[@]}" - else - echo "8081" - fi -} - -######################## -# Return listeners protocols -# Globals: -# KSQL_LISTENERS -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -######################### -ksql_protocols() { - local protocols - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a listeners <<< "$(tr ',;' ' ' <<< "$KSQL_LISTENERS")" - for l in "${listeners[@]}"; do - if [[ "$l" =~ ([a-zA-Z]*)://.*:[0-9]* ]]; then - protocols+=("${BASH_REMATCH[1]}") - fi - done - echo "${protocols[@]}" - else - echo "http" - fi -} - -######################## -# Validate settings in KSQL_* env vars -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_validate() { - info "Validating settings in KSQL_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_true_false_value() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for $1 are [true, false]" - fi - } - check_conflicting_ports() { - local -r total="$#" - for i in $(seq 1 "$((total - 1))"); do - for j in $(seq "$((i + 1))" "$total"); do - if (( "${!i}" == "${!j}" )); then - print_validation_error "There are listeners bound to the same port" - fi - done - done - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "$1"); then - print_validation_error "An invalid port was specified in the environment variable KSQL_LISTENERS: $err" - fi - } - - if [[ -n "$KSQL_LISTENERS" ]]; then - read -r -a ports <<< "$(ksql_ports)" - for port in "${ports[@]}"; do - check_allowed_port "$port" - done - [[ "${#ports[@]}" -gt 1 ]] && check_conflicting_ports "${ports[@]}" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - if [[ ! -f ${KSQL_CERTS_DIR}/ssl.keystore.jks ]]; then - print_validation_error "In order to configure HTTPS access, you must mount your ssl.keystore.jks (and optionally the ssl.truststore.jks) to the ${KSQL_CERTS_DIR} directory." - fi - fi - fi - [[ -z "$KSQL_BOOTSTRAP_SERVERS" && ! -f "$KSQL_CONF_FILE" ]] && warn "KSQL_BOOTSTRAP_SERVERS should be provided" - - [[ "$error_code" -eq 0 ]] || return "$error_code" -} - -######################## -# Set a configuration setting value to the configuration file -# Globals: -# KSQL_* -# Arguments: -# $1 - key -# $2 - values (array) -# Returns: -# None -######################### -ksql_conf_set() { - local -r key="${1:?missing key}" - shift - local -r -a values=("$@") - - if [[ "${#values[@]}" -eq 0 ]]; then - stderr_print "missing value" - return 1 - elif [[ "${#values[@]}" -ne 1 ]]; then - for i in "${!values[@]}"; do - ksql_conf_set "${key[$i]}" "${values[$i]}" - done - else - value="${values[0]}" - # Check if the value was set before - if grep -q "^[# ]*$key\s*=.*" "$KSQL_CONF_FILE"; then - # Update the existing key - replace_in_file "$KSQL_CONF_FILE" "^[# ]*${key}\s*=.*" "${key} = ${value}" false - else - # Add a new key - printf '\n%s = %s' "$key" "$value" >>"$KSQL_CONF_FILE" - fi - fi -} - -######################## -# Wait for Kafka brokers to be up -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_wait_for_kafka_brokers() { - local kafka_brokers - local host - local port - - info "Waiting for Kafka brokers to be up" - kafka_brokers="$(grep "^bootstrap.servers" "$KSQL_CONF_FILE" | cut -d '=' -f 2)" - read -r -a brokers <<< "$(tr ',;' ' ' <<< "${kafka_brokers/%,/}")" - for b in "${brokers[@]}"; do - if [[ "$b" =~ [_a-zA-Z]*://(.*):([0-9]*) ]]; then - host="${BASH_REMATCH[1]}" - port="${BASH_REMATCH[2]}" - if ! retry_while "debug_execute nc -z ${host} ${port}" 10 10; then - error "Failed to connect to the broker at $host:$port" - return 1 - fi - fi - done -} - -######################## -# Initialize Confluent KSQL -# Globals: -# KSQL_* -# Arguments: -# None -# Returns: -# None -######################### -ksql_initialize() { - info "Initializing Confluent KSQL" - - # Check for mounted configuration files - if ! is_dir_empty "$KSQL_MOUNTED_CONF_DIR"; then - cp -Lr "$KSQL_MOUNTED_CONF_DIR"/* "$KSQL_CONF_DIR" - fi - if [[ -f "$KSQL_CONF_FILE" ]]; then - info "Injected configuration file found. Skipping default configuration" - else - info "No injected configuration files found, creating default config file." - mv "${KSQL_CONF_FILE}.default" "$KSQL_CONF_FILE" - - # Kafka boostrap settings - [[ -n "$KSQL_BOOTSTRAP_SERVERS" ]] && ksql_conf_set "bootstrap.servers" "$KSQL_BOOTSTRAP_SERVERS" - # Listeners settings - if [[ -n "$KSQL_LISTENERS" ]]; then - ksql_conf_set "listeners" "$KSQL_LISTENERS" - read -r -a protocols <<< "$(ksql_protocols)" - if [[ "${protocols[*]}" =~ https ]]; then - ksql_conf_set "ssl.keystore.location" "${KSQL_CERTS_DIR}/ssl.keystore.jks" - [[ -n "$KSQL_SSL_KEYSTORE_PASSWORD" ]] && ksql_conf_set "ssl.keystore.password" "$KSQL_SSL_KEYSTORE_PASSWORD" - [[ -f "${KSQL_CERTS_DIR}/ssl.truststore.jks" ]] && ksql_conf_set "ssl.truststore.location" "${KSQL_CERTS_DIR}/ssl.truststore.jks" - [[ -n "$KSQL_SSL_TRUSTSTORE_PASSWORD" ]] && ksql_conf_set "ssl.truststore.password" "$KSQL_SSL_TRUSTSTORE_PASSWORD" - fi - [[ -n "$KSQL_CLIENT_AUTHENTICATION" ]] && ksql_conf_set "ssl.client.authentication" "$KSQL_CLIENT_AUTHENTICATION" - fi - fi - ksql_wait_for_kafka_brokers -} diff --git a/bitnami/ksql/7.5/debian-11/tags-info.yaml b/bitnami/ksql/7.5/debian-11/tags-info.yaml deleted file mode 100644 index 130877d91744..000000000000 --- a/bitnami/ksql/7.5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "7.5" -- 7.5-debian-11 -- 7.5.3 -- latest diff --git a/bitnami/kube-rbac-proxy/0/debian-11/Dockerfile b/bitnami/kube-rbac-proxy/0/debian-11/Dockerfile deleted file mode 100644 index f6231306b384..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kube-rbac-proxy-0.16.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -###### - -FROM scratch - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-20T07:46:17Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.16.0-debian-11-r1" \ - org.opencontainers.image.title="kube-rbac-proxy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.16.0" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /opt/bitnami/kube-rbac-proxy/bin/kube-rbac-proxy /kube-rbac-proxy - -ENV APP_VERSION="0.16.0" \ - BITNAMI_APP_NAME="kube-rbac-proxy" - -USER 1001 - -ENTRYPOINT [ "/kube-rbac-proxy" ] diff --git a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 929c7db8ca44..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kube-rbac-proxy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.16.0-1" - } -} \ No newline at end of file diff --git a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kube-rbac-proxy/0/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/kube-rbac-proxy/0/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/kube-rbac-proxy/0/debian-11/tags-info.yaml b/bitnami/kube-rbac-proxy/0/debian-11/tags-info.yaml deleted file mode 100644 index d85b7fa29e9f..000000000000 --- a/bitnami/kube-rbac-proxy/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.16.0 -- latest diff --git a/bitnami/kube-state-metrics/2/debian-11/Dockerfile b/bitnami/kube-state-metrics/2/debian-11/Dockerfile deleted file mode 100644 index b9138650f041..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T08:25:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.1-debian-11-r27" \ - org.opencontainers.image.title="kube-state-metrics" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kube-state-metrics-2.10.1-6-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.10.1" \ - BITNAMI_APP_NAME="kube-state-metrics" \ - PATH="/opt/bitnami/kube-state-metrics/bin:$PATH" - -EXPOSE 8080 8081 - -WORKDIR /opt/bitnami/kube-state-metrics -USER 1001 -ENTRYPOINT [ "kube-state-metrics", "--port=8080", "--telemetry-port=8081" ] diff --git a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b4e189775248..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kube-state-metrics": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.1-6" - } -} \ No newline at end of file diff --git a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kube-state-metrics/2/debian-11/tags-info.yaml b/bitnami/kube-state-metrics/2/debian-11/tags-info.yaml deleted file mode 100644 index ebbf92d52aae..000000000000 --- a/bitnami/kube-state-metrics/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.1 -- latest diff --git a/bitnami/kubeapps-apis/2/debian-11/Dockerfile b/bitnami/kubeapps-apis/2/debian-11/Dockerfile deleted file mode 100644 index cdccb36b6ca4..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:24:19Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r38" \ - org.opencontainers.image.title="kubeapps-apis" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubeapps-apis-2.9.0-11-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir -p /opt/bitnami/kubeapps-apis/.kube && chown 1001:1001 /opt/bitnami/kubeapps-apis/.kube -RUN ln -s /opt/bitnami/kubeapps-apis/plugins /plugins && ln -s /opt/bitnami/kubeapps-apis/bin/kubeapps-apis /kubeapps-apis && ln -s /opt/bitnami/kubeapps-apis/.kube /.kube - -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-apis" \ - PATH="/opt/bitnami/kubeapps-apis/bin:$PATH" - -EXPOSE 50051 - -USER 1001 -ENTRYPOINT [ "kubeapps-apis" ] -CMD [ "--help" ] diff --git a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 220714dc7263..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubeapps-apis": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-11" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-apis/2/debian-11/tags-info.yaml b/bitnami/kubeapps-apis/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-apis/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/Dockerfile b/bitnami/kubeapps-apprepository-controller/2/debian-11/Dockerfile deleted file mode 100644 index 53eb04dbaa71..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubeapps-apprepository-controller-2.9.0-11-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -###### - -FROM scratch - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-20T08:37:49Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r21" \ - org.opencontainers.image.title="kubeapps-apprepository-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /opt/bitnami/kubeapps-apprepository-controller/bin/apprepository-controller /apprepository-controller - -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-apprepository-controller" - -USER 1001 - -CMD [ "/apprepository-controller" ] diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0cadb8705756..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubeapps-apprepository-controller": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-11" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/kubeapps-apprepository-controller/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/kubeapps-apprepository-controller/2/debian-11/tags-info.yaml b/bitnami/kubeapps-apprepository-controller/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-apprepository-controller/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/Dockerfile b/bitnami/kubeapps-asset-syncer/2/debian-11/Dockerfile deleted file mode 100644 index 111b34af4e2f..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye as builder - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] - -# Install required system packages and dependencies -RUN install_packages ca-certificates curl -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubeapps-asset-syncer-2.9.0-11-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done - -###### - -FROM scratch - -ARG TARGETARCH - -ENV OS_ARCH="${TARGETARCH:-amd64}" - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="scratch" \ - org.opencontainers.image.created="2024-02-07T05:45:46Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r21" \ - org.opencontainers.image.title="kubeapps-asset-syncer" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -COPY prebuildfs / -COPY rootfs / -COPY --from=builder /opt/bitnami/kubeapps-asset-syncer/bin/asset-syncer /asset-syncer - -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-asset-syncer" - -USER 1001 - -CMD [ "/asset-syncer" ] diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4f59c7f056c9..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubeapps-asset-syncer": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-11" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt b/bitnami/kubeapps-asset-syncer/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt deleted file mode 100644 index 2d584626cce6..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/rootfs/etc/ssl/certs/ca-certificates.crt +++ /dev/null @@ -1,3864 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE -AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw -CQYDVQQGEwJFUzAeFw0xMTA1MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQ -BgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwHUEtJQUNDVjENMAsGA1UECgwEQUND -VjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCb -qau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gMjmoY -HtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWo -G2ioPej0RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpA -lHPrzg5XPAOBOp0KoVdDaaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhr -IA8wKFSVf+DuzgpmndFALW4ir50awQUZ0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/ -0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDGWuzndN9wrqODJerWx5eH -k6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs78yM2x/47 -4KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMO -m3WR5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpa -cXpkatcnYGMN285J9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPl -uUsXQA+xtrn13k/c4LOsOxFwYIRKQ26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYI -KwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRwOi8vd3d3LmFjY3YuZXMvZmls -ZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEuY3J0MB8GCCsG -AQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 -VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeT -VfZW6oHlNsyMHj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIG -CCsGAQUFBwICMIIBFB6CARAAQQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUA -cgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBhAO0AegAgAGQAZQAgAGwAYQAgAEEA -QwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUAYwBuAG8AbABvAGcA -7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBjAHQA -cgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAA -QwBQAFMAIABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUA -czAwBggrBgEFBQcCARYkaHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2Mu -aHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRt -aW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2MV9kZXIuY3JsMA4GA1Ud -DwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZIhvcNAQEF -BQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdp -D70ER9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gU -JyCpZET/LtZ1qmxNYEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+m -AM/EKXMRNt6GGT6d7hmKG9Ww7Y49nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepD -vV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJTS+xJlsndQAJxGJ3KQhfnlms -tn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3sCPdK6jT2iWH -7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h -I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szA -h1xA2syVP1XgNce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xF -d3+YJ5oyXSrjhO7FmGYvliAd3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2H -pPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3pEfbRD0tVNEYqi4Y7 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx -CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ -WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ -BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG -Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/ -yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf -BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz -WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF -tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z -374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC -IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL -mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7 -wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS -MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2 -ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet -UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H -YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3 -LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD -nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1 -RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM -LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf -77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N -JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm -fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp -6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp -1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B -9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok -RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv -uu8wd+RU4riEmViAqhOLUTpPSPaLtrM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE -BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w -MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 -IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDkyMjExMjIwMlowazELMAkGA1UEBhMC -SVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1 -ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENB -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNv -UTufClrJwkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX -4ay8IMKx4INRimlNAJZaby/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9 -KK3giq0itFZljoZUj5NDKd45RnijMCO6zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/ -gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1fYVEiVRvjRuPjPdA1Yprb -rxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2oxgkg4YQ -51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2F -be8lEfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxe -KF+w6D9Fz8+vm2/7hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4F -v6MGn8i1zeQf1xcGDXqVdFUNaBr8EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbn -fpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5jF66CyCU3nuDuP/jVo23Eek7 -jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLYiDrIn3hm7Ynz -ezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt -ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAL -e3KHwGCmSUyIWOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70 -jsNjLiNmsGe+b7bAEzlgqqI0JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDz -WochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKxK3JCaKygvU5a2hi/a5iB0P2avl4V -SM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+Xlff1ANATIGk0k9j -pwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC4yyX -X04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+Ok -fcvHlXHo2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7R -K4X9p2jIugErsWx0Hbhzlefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btU -ZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXemOR/qnuOf0GZvBeyqdn6/axag67XH/JJU -LysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9vwGYT7JZVEc+NHt4bVaT -LnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3 -b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMw -MTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML -QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYD -VQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ul -CDtbKRY654eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6n -tGO0/7Gcrjyvd7ZWxbWroulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyl -dI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1Zmne3yzxbrww2ywkEtvrNTVokMsAsJch -PXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJuiGMx1I4S+6+JNM3GOGvDC -+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8wHQYDVR0O -BBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBl -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFk -ZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENB -IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxtZBsfzQ3duQH6lmM0MkhHma6X -7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0PhiVYrqW9yTkkz -43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY -eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJl -pz/+0WatC7xrmYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOA -WiFeIc9TVPC6b4nbqKqVz4vjccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6EqdbDuKP -Hx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yr -ba0F8PrVC8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPAL -MeIrJmqbTFeurCA+ukV6BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1 -yHp52UKqK39c/s4mT6NmgTWvRLpUHhwwMmWd5jyTXlBOeuM61G7MGvv50jeuJCqr -VwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNVHQ4EFgQUnZPGU4teyq8/ -nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYG -XUPGhi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNj -vbz4YYCanrHOQnDiqX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivt -Z8SOyUOyXGsViQK8YvxO8rUzqrJv0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9g -N53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0khsUlHRUe072o0EclNmsxZt9YC -nlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz -dCBOZXR3b3JraW5nMB4XDTEwMDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDEL -MAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZp -cm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SEHi3y -YJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbua -kCNrmreIdIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRL -QESxG9fhwoXA3hA/Pe24/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp -6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gbh+0t+nvujArjqWaJGctB+d1ENmHP4ndG -yH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNVHQ4EFgQUBx/S55zawm6i -QLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ -KoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfO -tDIuUFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzu -QY0x2+c06lkh1QF612S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZ -Lgo/bNjR9eUJtGxUAArgFU2HdW23WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4u -olu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9/ZFvgrG+CJPbFEfxojfHRZ48 -x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE -BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz -dCBQcmVtaXVtMB4XDTEwMDEyOTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkG -A1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1U -cnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxBLf -qV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtnBKAQ -JG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ -+jjeRFcV5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrS -s8PhaJyJ+HoAVt70VZVs+7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5 -HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmdGPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d7 -70O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5Rp9EixAqnOEhss/n/fauG -V+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NIS+LI+H+S -qHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S -5u046uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4Ia -C1nEWTJ3s7xgaVY5/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TX -OwF0lkLgAOIua+rF7nKsu7/+6qqo+Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYE -FJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByvMiPIs0laUZx2 -KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg -Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B -8OWycvpEgjNC6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQ -MKSOyARiqcTtNd56l+0OOF6SL5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc -0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK+4w1IX2COPKpVJEZNZOUbWo6xbLQ -u4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmVBtWVyuEklut89pMF -u+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFgIxpH -YoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8 -GKa1qF60g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaO -RtGdFNrHF+QFlozEJLUbzxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6e -KeC2uAloGRwYQw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC -VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ -cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ -BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt -VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D -0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9 -ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G -A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs -aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I -flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj -ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM -9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw -IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 -VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L -93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm -jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA -A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI -U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs -N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv -o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU -5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy -rqXRfboQnoZsG4q5WTP468SQvvG5 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF -ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 -b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL -MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv -b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK -gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ -W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg -1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K -8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r -2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me -z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR -8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj -mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz -7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6 -+XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI -0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB -Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm -UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2 -LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY -+gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS -k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl -7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm -btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl -urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+ -fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63 -n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE -76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H -9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT -4PsJYGw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl -ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr -ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr -BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM -YyRIHN8wfdVoOw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5 -MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g -Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG -A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg -Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi -9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk -M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB -MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw -CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW -1KyLa2tJElMzrdfkviT8tQp21KW8EA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE -AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG -EwJERTAeFw0xMTA3MDcxNDU4MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMM -FUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMC -REUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVhTuXbyo7LjvPpvMp -Nb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr54rM -VD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+ -SZFhyBH+DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ -4J7sVaE3IqKHBAUsR320HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0L -cp2AMBYHlT8oDv3FdU9T1nSatCQujgKRz3bFmx5VdJx4IbHwLfELn8LVlhgf8FQi -eowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7Rl+lwrrw7GWzbITAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMBgG -A1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 -DQEBCwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8j -vZfza1zv7v1Apt+hk6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kP -DpFrdRbhIfzYJsdHt6bPWHJxfrrhTZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pc -maHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a961qn8FYiqTxlVMYVqL2Gns2D -lmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G3mB/ufNPRJLv -KrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE -BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h -cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEy -MzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg -Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9 -thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM -cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG -L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i -NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h -X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b -m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy -Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja -EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T -KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF -6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh -OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYD -VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNHDhpkLzCBpgYD -VR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp -cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBv -ACAAZABlACAAbABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBl -AGwAbwBuAGEAIAAwADgAMAAxADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF -661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx51tkljYyGOylMnfX40S2wBEqgLk9 -am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qkR71kMrv2JYSiJ0L1 -ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaPT481 -PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS -3a/DTg4fJl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5k -SeTy36LssUzAKh3ntLFlosS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF -3dvd6qJ2gHN99ZwExEWN57kci57q13XRcrHedUTnQn3iV2t93Jm8PYMo6oCTjcVM -ZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoRsaS8I8nkvof/uZS2+F0g -StRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTDKCOM/icz -Q0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQB -jLMi6Et8Vcad+qMUu2WFbm5PEn4KPJ2V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMiBSb290IENBMB4XDTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1ow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1g1Lr -6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPV -L4O2fuPn9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC91 -1K2GScuVr1QGbNgGE41b/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHx -MlAQTn/0hpPshNOOvEu/XAFOBz3cFIqUCqTqc/sLUegTBxj6DvEr0VQVfTzh97QZ -QmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeffawrbD02TTqigzXsu8lkB -arcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgIzRFo1clr -Us3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLi -FRhnBkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRS -P/TizPJhk9H9Z2vXUq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN -9SG9dKpN6nIDSdvHXx1iY8f93ZHsM+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxP -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMmAd+BikoL1Rpzz -uvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAU18h -9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s -A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3t -OluwlN5E40EIosHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo -+fsicdl9sz1Gv7SEr5AcD48Saq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7 -KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYdDnkM/crqJIByw5c/8nerQyIKx+u2 -DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWDLfJ6v9r9jv6ly0Us -H8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0oyLQ -I+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK7 -5t98biGCwWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h -3PFaTWwyI0PurKju7koSCTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPz -Y11aWOIv4x3kqdbQCtCev9eBCfHJxyYNrJgWVqA= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd -MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg -Q2xhc3MgMyBSb290IENBMB4XDTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFow -TjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MSAw -HgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEB -BQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRHsJ8Y -ZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3E -N3coTRiR5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9 -tznDDgFHmV0ST9tD+leh7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX -0DJq1l1sDPGzbjniazEuOQAnFN44wOwZZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c -/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH2xc519woe2v1n/MuwU8X -KhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV/afmiSTY -zIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvS -O1UQRwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D -34xFMFbG02SrZvPAXpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgP -K9Dx2hzLabjKSWJtyNBjYt1gD1iqj6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3 -AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEe4zf/lb+74suwv -Tg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAACAj -QTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV -cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXS -IGrs/CIBKM+GuIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2 -HJLw5QY33KbmkJs4j1xrG0aGQ0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsa -O5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8ZORK15FTAaggiG6cX0S5y2CBNOxv -033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2KSb12tjE8nVhz36u -dmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz6MkE -kbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg41 -3OEMXbugUZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvD -u79leNKGef9JOxqDDPDeeOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq -4/g7u9xN12TyUb7mqqta6THuBrxzvxNiCp/HuZc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAlNLMRMwEQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMu -MRkwFwYDVQQDExBDQSBEaXNpZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQy -MDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmEx -EzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIw -ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbCw3Oe -NcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNH -PWSb6WiaxswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3I -x2ymrdMxp7zo5eFm1tL7A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbe -QTg06ov80egEFGEtQX6sx3dOy1FU+16SGBsEWmjGycT6txOgmLcRK7fWV8x8nhfR -yyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqVg8NTEQxzHQuyRpDRQjrO -QG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa5Beny912 -H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJ -QfYEkoopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUD -i/ZnWejBBhG93c+AAk9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORs -nLMOPReisjQS1n6yqEm70XooQL6iFh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1 -rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5uQu0wDQYJKoZI -hvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM -tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqf -GopTpti72TVVsRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkb -lvdhuDvEK7Z4bLQjb/D907JedR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka -+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W81k/BfDxujRNt+3vrMNDcTa/F1bal -TFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjxmHHEt38OFdAlab0i -nSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01utI3 -gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18Dr -G5gPcFw0sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3Os -zMOl6W8KjptlwlCFtaOgUxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8x -L4ysEr3vQCj8KWefshNPZiTEUxnpHikV7+ZtsH8tZ/3zbBt1RqPlShfppNcL ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCB -gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV -BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEyMDEwMDAw -MDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl -YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P -RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3 -UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI -2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8 -Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp -+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+ -DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O -nKVIrLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW -/zAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6g -PKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9u -QXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAPpiem/Yb6dc5t3iuHXIY -SdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CPOGEIqB6BCsAv -IC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ -RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4 -zJVSk/BwJVmcIGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5dd -BA6+C4OmF4O5MBKgxTMVBbkN+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IB -ZQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT -IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwMzA2MDAw -MDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy -ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N -T0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSR -FtSrYpn1PlILBs5BAH+X4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0J -cfRK9ChQtP6IHG4/bC8vCVlbpVsLM5niwz2J+Wos77LTBumjQjBAMB0GA1UdDgQW -BBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VGFAkK+qDm -fQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdv -GDeAU/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCB -hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G -A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV -BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMTE5 -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT -EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR -Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR -6FSS0gpWsawNJN3Fz0RndJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8X -pz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZFGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC -9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+5eNu/Nio5JIk2kNrYrhV -/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pGx8cgoLEf -Zd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z -+pUX2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7w -qP/0uK3pN/u6uPQLOvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZah -SL0896+1DSJMwBGB7FY79tOi4lu3sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVIC -u9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+CGCe01a60y1Dma/RMhnEw6abf -Fobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5WdYgGq/yapiq -crxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E -FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB -/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvl -wFTPoCWOAvn9sKIN9SCYPBMtrFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM -4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+nq6PK7o9mfjYcwlYRm6mnPTXJ9OV -2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSgtZx8jb8uk2Intzna -FxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwWsRqZ -CuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiK -boHGhfKppC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmcke -jkk9u+UJueBPSZI9FoJAzMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yL -S0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHqZJx64SIDqZxubw5lT2yHh17zbqD5daWb -QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl -0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7ILaZRfyHB -NVOFBkpdn627G190 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg -b2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAxNjEzNDNaFw0zNzA5MzAxNjEzNDRa -MH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJRiBB -ODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3JnMSIw -IAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0B -AQEFAAOCAQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtb -unXF/KGIJPov7coISjlUxFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0d -BmpAPrMMhe5cG3nCYsS4No41XQEMIwRHNaqbYE6gZj3LJgqcQKH0XZi/caulAGgq -7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jWDA+wWFjbw2Y3npuRVDM3 -0pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFVd9oKDMyX -roDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIG -A1UdEwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5j -aGFtYmVyc2lnbi5vcmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p -26EpW1eLTXYGduHRooowDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIA -BzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24ub3JnMCcGA1Ud -EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYDVR0gBFEwTzBN -BgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz -aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEB -AAxBl8IahsAifJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZd -p0AJPaxJRUXcLo0waLIJuvvDL8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi -1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wNUPf6s+xCX6ndbcj0dc97wXImsQEc -XCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/nADydb47kMgkdTXg0 -eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu -tGWaIZDgqtCYvDi1czyL+Nw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn -MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL -ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo -YW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYxNDE4WhcNMzcwOTMwMTYxNDE4WjB9 -MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgy -NzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4G -A1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUA -A4IBDQAwggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0 -Mi+ITaFgCPS3CU6gSS9J1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/s -QJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8Oby4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpV -eAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl6DJWk0aJqCWKZQbua795 -B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c8lCrEqWh -z0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0T -AQH/BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1i -ZXJzaWduLm9yZy9jaGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4w -TcbOX60Qq+UDpfqpFDAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAH -MCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBjaGFtYmVyc2lnbi5vcmcwKgYD -VR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9yZzBbBgNVHSAE -VDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh -bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0B -AQUFAAOCAQEAPDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUM -bKGKfKX0j//U2K0X1S0E0T9YgOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXi -ryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJPJ7oKXqJ1/6v/2j1pReQvayZzKWG -VwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4IBHNfTIzSJRUTN3c -ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/ -AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNV -BAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4X -DTA3MDYyOTE1MTMwNVoXDTI3MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQ -BgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2VydGlnbmEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7qXOEm7RFHYeGifBZ4 -QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyHGxny -gQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbw -zBfsV1/pogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q -130yGLMLLGq/jj8UEYkgDncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2 -JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKfIrjxwo1p3Po6WAbfAgMBAAGjgbwwgbkw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQtCRZvgHyUtVF9lo53BEw -ZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYT -AkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzj -AQ/JSP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG -9w0BAQUFAAOCAQEAhQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8h -bV6lUmPOEvjvKtpv6zf+EwLHyzs+ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFnc -fca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1kluPBS1xp81HlDQwY9qcEQCYsuu -HWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY1gkIl2PlwS6w -t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw -WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET -MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb -BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz -MTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMx -FzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRDZXJ0aW5vbWlzIC0g -Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQosP5L2 -fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJfl -LieY6pOod5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQV -WZUKxkd8aRi5pwP5ynapz8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDF -TKWrteoB4owuZH9kb/2jJZOLyKIOSY008B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb -5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09xRLWtwHkziOC/7aOgFLSc -CbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE6OXWk6Ri -wsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJ -wx3tFvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SG -m/lg0h9tkQPTYKbVPZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4 -F2iw4lNVYC2vPsKD2NkJK/DAZNuHi5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZng -WVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I6tNxIqSSaHh0 -2TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF -AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/ -0KGRHCwPT5iVWVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWw -F6YSjNRieOpWauwK0kDDPAUwPk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZS -g081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAXlCOotQqSD7J6wWAsOMwaplv/8gzj -qh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJy29SWwNyhlCVCNSN -h4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9Iff/ -ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8V -btaw5BngDwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwj -Y/M50n92Uaf0yKHxDHYiI0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ -8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nMcyrDflOR1m749fPH0FFNjkulW+YZFzvW -gQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVrhkIGuUE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAw -PTELMAkGA1UEBhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFz -cyAyIFByaW1hcnkgQ0EwHhcNOTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9 -MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2VydHBsdXMxGzAZBgNVBAMTEkNsYXNz -IDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxQ -ltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR5aiR -VhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyL -kcAbmXuZVg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCd -EgETjdyAYveVqUSISnFOYFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yas -H7WLO7dDWWuwJKZtkIvEcupdM5i3y95ee++U8Rs+yskhwcWYAqqi9lt3m/V+llU0 -HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRMECDAGAQH/AgEKMAsGA1Ud -DwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJYIZIAYb4 -QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMu -Y29tL0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/ -AN9WM2K191EBkOvDP9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8 -yfFC82x/xXp8HVGIutIKPidd3i1RTtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMR -FcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+7UCmnYR0ObncHoUW2ikbhiMA -ybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW//1IMwrh3KWB -kJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 -l7+ijrRU ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa -MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy -dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a -iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt -6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP -0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f -6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE -EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN -1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc -h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT -mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV -4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO -WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud -DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd -Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq -hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh -66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7 -/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS -S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j -2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R -Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr -RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy -6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV -V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5 -g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl -++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x -CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs -dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat -93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x -Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P -AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj -FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG -SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch -p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal -U5ORGpOucGpnutee5WEaXw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTAeFw0wMjA2MTExMDQ2MzlaFw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBM -MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD -QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6xwS7TT3zNJc4YPk/E -jG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdLkKWo -ePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GI -ULdtlkIJ89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapu -Ob7kky/ZR6By6/qmW6/KUz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUg -AKpoC6EahQGcxEZjgoi2IrHu/qpGWX7PNSzVttpd90gzFFS269lvzs2I1qsb2pY7 -HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA -uI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+GXYkHAQa -TOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTg -xSvgGrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1q -CjqTE5s7FCMTY5w/0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5x -O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs -6GAqm4VKQPNriiTsBhYscw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB -gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu -QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG -A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz -OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ -VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3 -b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA -DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn -0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB -OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE -fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E -Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m -o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i -sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW -OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez -Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS -adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n -3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD -AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC -AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ -F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf -CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29 -XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm -djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/ -WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb -AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq -P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko -b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj -XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P -5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi -DrW5viSP ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz -IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEyMjk1MFoXDTM4MDcz -MTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj -dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw -EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp -MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G -CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9 -28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq -VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q -DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR -5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL -ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a -Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl -UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s -+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5 -Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj -ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx -hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV -HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1 -+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN -YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t -L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy -ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt -IDIwMDiCCQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV -HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w -DQYJKoZIhvcNAQEFBQADggIBAJASryI1wqM58C7e6bXpeHxIvj99RZJe6dqxGfwW -PJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH3qLPaYRgM+gQDROpI9CF -5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbURWpGqOt1 -glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaH -FoI6M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2 -pSB7+R5KBWIBpih1YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MD -xvbxrN8y8NmBGuScvfaAFPDRLLmF9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QG -tjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcKzBIKinmwPQN/aUv0NCB9szTq -jktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvGnrDQWzilm1De -fhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg -OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZ -d0jQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0 -MRMwEQYDVQQDEwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQG -EwJJTDAeFw0wNDAzMjQxMTMyMThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMT -CkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNpZ24xCzAJBgNVBAYTAklMMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49qROR+WCf4C9DklBKK -8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTyP2Q2 -98CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb -2CEJKHxNGGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxC -ejVb7Us6eva1jsz/D3zkYDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7Kpi -Xd3DTKaCQeQzC6zJMw9kglcq/QytNuEMrkvF7zuZ2SOzW120V+x0cAwqTwIDAQAB -o4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2Zl -ZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0PAQH/BAQD -AgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRL -AZs+VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWd -foPPbrxHbvUanlR2QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0M -cXS6hMTXcpuEfDhOZAYnKuGntewImbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq -8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb/627HOkthIDYIb6FUtnUdLlp -hbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VGzT2ouvDzuFYk -Res3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb -MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow -GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj -YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL -MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE -BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM -GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua -BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe -3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4 -YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR -rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm -ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU -oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF -MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v -QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t -b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF -AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q -GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz -Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2 -G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi -l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3 -smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG -A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh -bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE -ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS -b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5 -7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS -J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y -HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP -t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz -FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY -XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/ -MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw -hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js -MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA -A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj -Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx -XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o -omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc -A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW -WL1WMRJOEcgh4LMRkWXbtKaIOM5V ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD -QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD -VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU -IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm -CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ -ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq -WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u -loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98 -lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd -BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+ -BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv -Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt -YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v -Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN -BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf -jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg -t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv -m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN -h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln -tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NTha -ME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMM -HkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOADER03 -UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42 -tSHKXzlABF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9R -ySPocq60vFYJfxLLHLGvKZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsM -lFqVlNpQmvH/pStmMaTJOKDfHR+4CS7zp+hnUquVH+BGPtikw8paxTGA6Eian5Rp -/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUCAwEAAaOCARowggEWMA8G -A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ4PGEMA4G -A1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVj -dG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUy -MENBJTIwMiUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRl -cmV2b2NhdGlvbmxpc3QwQ6BBoD+GPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3Js -L2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAwOS5jcmwwDQYJKoZIhvcNAQEL -BQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm2H6NMLVwMeni -acfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 -o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4K -zCUqNQT4YJEVdT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8 -PIWmawomDeCTmGCufsYkl4phX5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3Y -Johw1+qRzT65ysCQblrGXnRl11z+o+I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF -MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD -bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUw -NDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNV -BAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAwOTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfSegpn -ljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM0 -3TP1YtHhzRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6Z -qQTMFexgaDbtCHu39b+T7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lR -p75mpoo6Kr3HGrHhFPC+Oh25z1uxav60sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8 -HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure3511H3a6UCAwEAAaOCASQw -ggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyvcop9Ntea -HNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFw -Oi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xh -c3MlMjAzJTIwQ0ElMjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1E -RT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MEagRKBChkBodHRwOi8vd3d3LmQt -dHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yX2V2XzIwMDku -Y3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+PPoeUSbrh/Yp -3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 -nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNF -CSuGdXzfX2lXANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7na -xpeG0ILD5EJt/rDiZE4OJudANCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqX -KVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVvw9y4AyHqnxbxLFS1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow -PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD -Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O -rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq -OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b -xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw -7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD -aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG -SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 -ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr -AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz -R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 -JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo -Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc -MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj -IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB -IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE -RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl -U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290 -IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU -ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC -QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr -rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S -NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc -QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH -txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP -BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC -AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp -tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa -IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl -6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+ -xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU -Cm26OWMohpLzGITY+9HPBVZkVw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzExMTEwMDAwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7c -JpSIqvTO9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYP -mDI2dsze3Tyoou9q+yHyUmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+ -wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4 -VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpyoeb6pNnVFzF1roV9Iq4/ -AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whfGHdPAgMB -AAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBRF66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYun -pyGd823IDzANBgkqhkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRC -dWKuh+vy1dneVrOfzM4UKLkNl2BcEkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTf -fwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38FnSbNd67IJKusm7Xi+fT8r87cm -NW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i8b5QZ7dsvfPx -H2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe -+o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv -b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG -EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl -cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA -n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc -biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp -EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA -bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu -YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB -AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW -BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI -QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I -0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni -lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 -B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv -ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo -IhNzbM8m9Yop5w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg -RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf -Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q -RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD -AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY -JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv -6pZjamVFkpUBtA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw -CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu -ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe -Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw -EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x -IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF -K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG -fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO -Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx -AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ -oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 -sycX ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j -ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3 -LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug -RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm -+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW -PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM -xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB -Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3 -hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg -EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA -FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec -nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z -eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF -hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2 -Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe -vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep -+OkuE6N36B9K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg -RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV -UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu -Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y -ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If -xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV -ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO -DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ -jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ -CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi -EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM -fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY -uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK -chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t -9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD -ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 -SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd -+SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc -fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa -sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N -cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N -0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie -4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI -r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 -/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm -gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV -BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC -aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV -BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1 -Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz -MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+ -BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp -em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN -ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY -B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH -D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF -Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo -q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D -k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH -fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut -dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM -ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8 -zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn -rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX -U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6 -Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5 -XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF -Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR -HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY -GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c -77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3 -+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK -vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6 -FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl -yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P -AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD -y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d -NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB -8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy -dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1 -YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3 -dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh -IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD -LUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQG -EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g -KE5JRiBRLTA4MDExNzYtSSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBD -ZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQu -bmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJhcnF1aWEgRW50aXRhdHMg -ZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUNDMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R -85iKw5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm -4CgPukLjbo73FCeTae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaV -HMf5NLWUhdWZXqBIoH7nF2W4onW4HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNd -QlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0aE9jD2z3Il3rucO2n5nzbcc8t -lGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw0JDnJwIDAQAB -o4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4 -opvpXY0wfwYDVR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBo -dHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidW -ZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAwDQYJKoZIhvcN -AQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJlF7W2u++AVtd0x7Y -/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNaAl6k -SBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhy -Rp/7SNVel+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOS -Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl -nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1 -MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1 -czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG -CSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIwMTAxMDMwMTAxMDMwWhgPMjAzMDEy -MTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlBUyBTZXJ0aWZpdHNl -ZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRyZSBS -b290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUy -euuOF0+W2Ap7kaJjbMeMTC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvO -bntl8jixwKIy72KyaOBhU8E2lf/slLo2rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIw -WFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw93X2PaRka9ZP585ArQ/d -MtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtNP2MbRMNE -1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYD -VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/ -zQas8fElyalL1BSZMEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYB -BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEF -BQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+RjxY6hUFaTlrg4wCQiZrxTFGGV -v9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqMlIpPnTX/dqQG -E5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u -uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIW -iAYLtqZLICjU3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/v -GVCJYMzpJJUPwssd8m92kMfMdcGWxZ0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0yOTA3 -MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3 -LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxp -YWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEG -A1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgp -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQq -K0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQe -sYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuX -MlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVT -XTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/ -HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH -4QIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQEFBQADggEBADub -j1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPyT/4xmf3IDExo -U8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf -zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5b -u/8j72gZyxKTJ1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+ -bYQLCIt+jerXmCHG8+c8eS9enNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/Er -fF6adulZkMV8gzURZVE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 -Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW -KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw -NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw -NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy -ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV -BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ -KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo -Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4 -4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9 -KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI -rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi -94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB -sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi -gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo -kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE -vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA -A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t -O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua -AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP -9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/ -eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m -0vdXcDazv/wor3ElhVsT/h5/WrQ8 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkG -A1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3 -d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVu -dHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UEAxMq -RW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4XDTEy -MTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYwFAYD -VQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0 -L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0g -Zm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTB2MBAGByqGSM49AgEGBSuBBAAi -A2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHyAsWfoPZb1YsGGYZPUxBt -ByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef9eNi1KlH -Bz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVC -R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX -hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE -BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ -IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0 -MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV -BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w -HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj -Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj -TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u -KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj -qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm -MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12 -ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP -zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk -L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC -jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA -HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC -AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg -p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm -DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5 -COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry -L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf -JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg -IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io -2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV -09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ -XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq -T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe -MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG -EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg -R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 -9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq -fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv -iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU -1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ -bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW -MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA -ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l -uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn -Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS -tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF -PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un -hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV -5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY -MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo -R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx -MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK -Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 -AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA -ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 -7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W -kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI -mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G -A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ -KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 -6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl -4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K -oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj -UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU -AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDEL -MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj -KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2 -MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1OVowgZgxCzAJBgNV -BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykgMjAw -NyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNV -BAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBH -MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcL -So17VDs6bl8VAsBQps8lL33KSLjHUGMcKiEIfJo22Av+0SbFWDEwKCXzXV2juLal -tJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+EVXVMAoG -CCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGT -qQ7mndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBucz -rD6ogRLQy7rQkgu2npaqBA+K ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCB -mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT -MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s -eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIzNTk1OVowgZgxCzAJ -BgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg -MjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0 -BgNVBAMTLUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz -+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5jK/BGvESyiaHAKAxJcCGVn2TAppMSAmUm -hsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdEc5IiaacDiGydY8hS2pgn -5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3CIShwiP/W -JmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exAL -DmKudlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZC -huOl1UcCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw -HQYDVR0OBBYEFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IB -AQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9cr5HqQ6XErhK8WTTOd8lNNTB -zU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbEAp7aDHdlDkQN -kv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD -AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUH -SJsMC8tJP33st/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2G -spki4cErx5z481+oghLrGREt ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy -c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE -BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHjAcBgNVBAMTFUdlb1RydXN0 -IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYV -VaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9tJPi8 -cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTT -QjOgNB0eRXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFh -F7em6fgemdtzbvQKoiFs7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2v -c7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d8Lsrlh/eezJS/R27tQahsiFepdaVaH/w -mZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7VqnJNk22CDtucvc+081xd -VHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3CgaRr0BHdCX -teGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZ -f9hBZ3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfRe -Bi9Fi1jUIxaS5BZuKGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+ -nhutxx9z3SxPGWX9f5NAEC7S8O08ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB -/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0XG0D08DYj3rWMB8GA1UdIwQY -MBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG -9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc -aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fX -IwjhmF7DWgh2qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzyn -ANXH/KttgCJwpQzgXQQpAvvLoJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0z -uzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsKxr2EoyNB3tZ3b4XUhRxQ4K5RirqN -Pnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxFKyDuSN/n3QmOGKja -QI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2DFKW -koRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9 -ER/frslKxfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQt -DF4JbAiXfKM9fJP/P6EUp8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/Sfuvm -bJxPgWp6ZKy7PtXny3YuxadIwVyQD8vIP/rmMuGNG2+k5o7Y+SlIis5z/iw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEW -MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVy -c2FsIENBIDIwHhcNMDQwMzA0MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYD -VQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1 -c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0DE81 -WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUG -FF+3Qs17j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdq -XbboW0W63MOhBW9Wjo8QJqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxL -se4YuU6W3Nx2/zu+z18DwPw76L5GG//aQMJS9/7jOvdqdzXQ2o3rXhhqMcceujwb -KNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2WP0+GfPtDCapkzj4T8Fd -IgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP20gaXT73 -y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRt -hAAnZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgoc -QIgfksILAAX/8sgCSqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4 -Lt1ZrtmhN79UNdxzMk+MBB4zsslG8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAfBgNV -HSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8EBAMCAYYwDQYJ -KoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z -dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQ -L1EuxBRa3ugZ4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgr -Fg5fNuH8KrUwJM/gYwx7WBr+mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSo -ag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpqA1Ihn0CoZ1Dy81of398j9tx4TuaY -T1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpgY+RdM4kX2TGq2tbz -GDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiPpm8m -1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJV -OCiNUW7dFGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH -6aLcr34YEoP9VhdBLtUpgn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwX -QMAJKOSLakhT2+zNVVXxxvjpoixMptEmX36vWkzaH6byHCx+rgIW0lbQL1dTR+iS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprlOQcJ -FspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61F -uOJAf/sKbvu+M8k8o4TVMAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGX -kPoUVy0D7O48027KqGx2vKLeuwIgJ6iFJzWbVsaj8kfSt24bAgAXqmemFZHe+pTs -ewv4n4Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk -MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH -bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX -DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD -QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6SFkc -8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8ke -hOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYI -KoZIzj0EAwMDaAAwZQIxAOVpEslu28YxuglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg -515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7yFz9SO8NdCKoCOJuxUnO -xwy8p2Fp8fc74SrL+SvzZpA3 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG -A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv -b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw -MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i -YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT -aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ -jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp -xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp -1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG -snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ -U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 -9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B -AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz -yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE -38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP -AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad -DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME -HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1 -MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL -v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8 -eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq -tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd -C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa -zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB -mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH -V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n -bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG -3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs -J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO -291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS -ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd -AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 -TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh -MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE -YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 -MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo -ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg -MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN -ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA -PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w -wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi -EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY -avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ -YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE -sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h -/t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 -IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD -ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy -OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P -TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ -HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER -dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf -ReYNnyicsbkqWletNw+vHX/bvZ8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN -BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl -bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv -b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ -BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj -YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5 -MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0 -dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg -QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa -jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi -C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep -lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof -TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1Ix -RDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1p -YyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RDQSAyMDExMB4XDTExMTIw -NjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYTAkdSMUQwQgYDVQQK -EztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENl -cnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl -c2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPz -dYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJ -fel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa71HFK9+WXesyHgLacEns -bgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u8yBRQlqD -75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSP -FEDH3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNV -HRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp -5dgTBCPuQSUwRwYDVR0eBEAwPqA8MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQu -b3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVtXdMiKahsog2p -6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 -TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7 -dIsXRSZMFpGD/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8Acys -Nnq/onN694/BtZqhFLKPM58N7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXI -l7WdmplNsDz4SgCbZN2fOUvRJ9e4 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix -DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k -IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT -N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v -dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG -A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh -ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx -QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1 -dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA -4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0 -AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10 -4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C -ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV -9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD -gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6 -Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq -NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko -LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc -Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd -ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I -XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI -M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot -9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V -Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea -j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh -X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ -l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf -bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4 -pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK -e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0 -vm9qp/UsQu0yrbYhnr68 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx -FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg -Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG -A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr -b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ -jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn -PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh -ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9 -nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h -q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED -MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC -mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3 -7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB -oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs -EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO -fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi -AmvZWg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBK -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu -VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQw -MTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScw -JQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ldhNlT -3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU -+ehcCuz/mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gp -S0l4PJNgiCL8mdo2yMKi1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1 -bVoE/c40yiTcdCMbXTMTEl3EASX2MN0CXZ/g1Ue9tOsbobtJSdifWwLziuQkkORi -T0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl3ZBWzvurpWCdxJ35UrCL -vYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzyNeVJSQjK -Vsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZK -dHzVWYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHT -c+XvvqDtMwt0viAgxGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hv -l7yTmvmcEpB4eoCHFddydJxVdHixuuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5N -iGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZIhvcNAQELBQAD -ggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH -6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwt -LRvM7Kqas6pgghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93 -nAbowacYXVKV7cndJZ5t+qntozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3 -+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmVYjzlVYA211QC//G5Xc7UI2/YRYRK -W2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUXfeu+h1sXIFRRk0pT -AwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/rokTLq -l1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG -4iZZRHUe2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZ -mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A -7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN -MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu -VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN -MzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0 -MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwggIi -MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTyP4o7 -ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGy -RBb06tD6Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlS -bdsHyo+1W/CD80/HLaXIrcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF -/YTLNiCBWS2ab21ISGHKTN9T0a9SvESfqy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R -3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoSmJxZZoY+rfGwyj4GD3vw -EUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFnol57plzy -9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9V -GxyhLrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ -2fjXctscvG29ZV/viDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsV -WaFHVCkugyhfHMKiq3IXAAaOReyL4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gD -W/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ -BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMwDQYJKoZIhvcN -AQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj -t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHV -DRDtfULAj+7AmgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9 -TaDKQGXSc3z1i9kKlT/YPyNtGtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8G -lwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFtm6/n6J91eEyrRjuazr8FGF1NFTwW -mhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMxNRF4eKLg6TCMf4Df -WN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4Mhn5 -+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJ -tshquDDIajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhA -GaQdp/lLQzfcaFpPz+vCZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv -8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ3Wl9af0AVqW3rLatt8o+Ae+c ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4 -MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6 -ZW5wZS5jb20wHhcNMDcxMjEzMTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYD -VQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5j -b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ03rKDx6sp4boFmVq -scIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAKClaO -xdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6H -LmYRY2xU+zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFX -uaOKmMPsOzTFlUFpfnXCPCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQD -yCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxTOTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+ -JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbKF7jJeodWLBoBHmy+E60Q -rLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK0GqfvEyN -BjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8L -hij+0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIB -QFqNeb+Lz0vPqhbBleStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+ -HMh3/1uaD7euBUbl8agW7EekFwIDAQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2lu -Zm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYg -QTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBB -BgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx -MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AQYwHQYDVR0OBBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUA -A4ICAQB4pgwWSp9MiDrAyw6lFn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWb -laQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbgakEyrkgPH7UIBzg/YsfqikuFgba56 -awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8qhT/AQKM6WfxZSzwo -JNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Csg1lw -LDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCT -VyvehQP5aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGk -LhObNA5me0mrZJfQRsN5nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJb -UjWumDqtujWTI6cfSN01RpiyEGjkpTHCClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/ -QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZoQ0iy2+tzJOeRf1SktoA+ -naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls -QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQEL -BQAwRjELMAkGA1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNV -BAMMFkx1eFRydXN0IEdsb2JhbCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUw -MzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEWMBQGA1UECgwNTHV4VHJ1c3QgUy5B -LjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wmKb3F -ibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTem -hfY7RBi2xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1 -EMShduxq3sVs35a0VkBCwGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsn -Xpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4 -zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkmFRseTJIpgp7VkoGSQXAZ -96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niFwpN6cj5m -j5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4g -DEa/a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+ -8kPREd8vZS9kzl8UubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2j -X5t/Lax5Gw5CMZdjpPuKadUiDTSQMC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmH -hFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHSAEOzA5MDcGByuB -KwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5Lmx1eHRydXN0 -Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT -+Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQEL -BQADggIBAGoZFO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9 -BzZAcg4atmpZ1gDlaCDdLnINH2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTO -jFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW7MM3LGVYvlcAGvI1+ut7MV3CwRI9 -loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIuZY+kt9J/Z93I055c -qqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWAVWe+ -2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/ -JEAdemrRTxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKre -zrnK+T+Tb/mjuuqlPpmt/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQf -LSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+ -x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31IiyBMz2TWuJdGsE7RKlY6 -oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD -VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0 -ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G -CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y -OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx -FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp -Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o -dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP -kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc -cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U -fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7 -N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC -xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1 -+rUCAwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G -A1UdDgQWBBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPM -Pcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqG -SIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0olZMEyL/azXm4Q5DwpL7v8u8h -mLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfXI/OMn74dseGk -ddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 -tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c -2Pm2G2JwCz02yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5t -HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG -EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3 -MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl -cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR -dGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgxMjA2MTUwODIxWjCB -pzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM -b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm -aWNhdGlvbiBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNz -IEdvbGQpIEbFkXRhbsO6c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxCRec75LbRTDofTjl5Bu0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrT -lF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw/HpYzY6b7cNGbIRwXdrz -AZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAkH3B5r9s5 -VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRG -ILdwfzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2 -BJtr+UBdADTHLpl1neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAG -AQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2M -U9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwWqZw8UQCgwBEIBaeZ5m8BiFRh -bvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTtaYtOUZcTh5m2C -+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC -bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2F -uLjbvrW5KfnaNwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2 -XjG4Kvte9nHfRCaexOYNkbQudZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBi -MQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu -MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3Jp -dHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMxMjM1OTU5WjBiMQswCQYDVQQGEwJV -UzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydO -ZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwz -c7MEL7xxjOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPP -OCwGJgl6cvf6UDL4wpPTaaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rl -mGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXTcrA/vGp97Eh/jcOrqnErU2lBUzS1sLnF -BgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc/Qzpf14Dl847ABSHJ3A4 -qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMBAAGjgZcw -gZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIB -BjAPBgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwu -bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3Jp -dHkuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc8 -6fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q4LqILPxFzBiwmZVRDuwduIj/ -h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/GGUsyfJj4akH -/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv -wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN -pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCB -ijELMAkGA1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHly -aWdodCAoYykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl -ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0w -NTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYDVQQGEwJDSDEQMA4G -A1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIwIAYD -VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBX -SVNlS2V5IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAy0+zAJs9Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxR -VVuuk+g3/ytr6dTqvirdqFEr12bDYVxgAsj1znJ7O7jyTmUIms2kahnBAbtzptf2 -w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbDd50kc3vkDIzh2TbhmYsF -mQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ/yxViJGg -4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t9 -4B3RLoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYw -DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQw -EAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOx -SPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vImMMkQyh2I+3QZH4VFvbBsUfk2 -ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4+vg1YFkCExh8 -vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa -hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZi -Fj4A4xylNoEYokxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ -/L7fCg0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt -MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg -Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i -YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x -CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG -b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh -bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3 -HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx -WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX -1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk -u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P -99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r -M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw -AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB -BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh -cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5 -gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO -ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf -aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic -Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcxMB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7faYp6b -wiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX -/uMftk87ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR0 -77F9jAHiOH3BX2pfJLKOYheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGP -uY4zbGneWK2gDqdkVBFpRGZPTBKnjix9xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLx -p2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO9z0M+Yo0FMT7MzUj8czx -Kselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq3ywgsNw2 -TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+W -G+Oin6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPw -vFEVVJSmdz7QdFG9URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYY -EQRVzXR7z2FwefR7LFxckvzluFqrTJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUl0YhVyE1 -2jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/PxN3DlCPaTKbYw -DQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E -PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kf -gLMtMrpkZ2CvuVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbS -FXJfLkur1J1juONI5f6ELlgKn0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0 -V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLhX4SPgPL0DTatdrOjteFkdjpY3H1P -XlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80nR14SohWZ25g/4/I -i+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcmGS3t -TAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L91 -09S5zvE/bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/Ky -Pu1svf0OnWZzsD2097+o4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJ -AwSQiumPv+i2tCqjI40cHLI5kqiPAlxAOXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj -1oxx ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA -MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w -ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw -MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU -T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh -/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e -CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6 -1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE -FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS -gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X -G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy -YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH -vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4 -t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/ -gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3 -5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w -DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz -Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0 -nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT -RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT -wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2 -t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa -TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2 -o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU -3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA -iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f -WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM -S1IK ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx -CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U -cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow -QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl -blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm -3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d -oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G -A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5 -DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK -BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q -j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx -4nxp5V2a+EEfOzmTk51V6s2N8fvB ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 -MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV -wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe -rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 -68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh -4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp -UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o -abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc -3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G -KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt -hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO -Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt -zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD -ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC -MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 -cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN -qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 -YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv -b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 -8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k -NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj -ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp -q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt -nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa -GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg -Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J -WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB -rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp -+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1 -ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i -Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz -PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og -/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH -oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI -yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud -EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2 -A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL -MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT -ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f -BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn -g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl -fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K -WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha -B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc -hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR -TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD -mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z -ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y -4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza -8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x -GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv -b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV -BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W -YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM -V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB -4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr -H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd -8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv -vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT -mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe -btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc -T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt -WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ -c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A -4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD -VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG -CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 -aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 -aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu -dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw -czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G -A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg -Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 -7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem -d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd -+LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B -4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN -t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x -DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 -k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s -zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j -Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT -mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK -4SVhM7JZG+Ju1zdXtg2pEto= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 -MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR -/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu -FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR -U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c -ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR -FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k -A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw -eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl -sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp -VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q -A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ -ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD -ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px -KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI -FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv -oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg -u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP -0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf -3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl -8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ -DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN -PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ -ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID2DCCAsCgAwIBAgIQYFbFSyNAW2TU7SXa2dYeHjANBgkqhkiG9w0BAQsFADCB -hTELMAkGA1UEBhMCREUxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZl -cmxhZyBHbWJIMScwJQYDVQQLEx5TLVRSVVNUIENlcnRpZmljYXRpb24gU2Vydmlj -ZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5pdmVyc2FsIFJvb3QgQ0EwHhcNMTMxMDIy -MDAwMDAwWhcNMzgxMDIxMjM1OTU5WjCBhTELMAkGA1UEBhMCREUxKTAnBgNVBAoT -IERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMScwJQYDVQQLEx5TLVRS -VVNUIENlcnRpZmljYXRpb24gU2VydmljZXMxIjAgBgNVBAMTGVMtVFJVU1QgVW5p -dmVyc2FsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo -4wvfETeFgpq1bGZ8YT/ARxodRuOwVWTluII5KAd+F//0m4rwkYHqOD8heGxI7Gsv -otOKcrKn19nqf7TASWswJYmM67fVQGGY4tw8IJLNZUpynxqOjPolFb/zIYMoDYuv -WRGCQ1ybTSVRf1gYY2A7s7WKi1hjN0hIkETCQN1d90NpKZhcEmVeq5CSS2bf1XUS -U1QYpt6K1rtXAzlZmRgFDPn9FcaQZEYXgtfCSkE9/QC+V3IYlHcbU1qJAfYzcg6T -OtzoHv0FBda8c+CI3KtP7LUYhk95hA5IKmYq3TLIeGXIC51YAQVx7YH1aBduyw20 -S9ih7K446xxYL6FlAzQvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P -AQH/BAQDAgEGMB0GA1UdDgQWBBSafdfr639UmEUptCCrbQuWIxmkwjANBgkqhkiG -9w0BAQsFAAOCAQEATpYS2353XpInniEXGIJ22D+8pQkEZoiJrdtVszNqxmXEj03z -MjbceQSWqXcy0Zf1GGuMuu3OEdBEx5LxtESO7YhSSJ7V/Vn4ox5R+wFS5V/let2q -JE8ii912RvaloA812MoPmLkwXSBvwoEevb3A/hXTOCoJk5gnG5N70Cs0XmilFU/R -UsOgyqCDRR319bdZc11ZAY+qwkcvFHHVKeMQtUeTJcwjKdq3ctiR1OwbSIoi5MEq -9zpok59FGW5Dt8z+uJGaYRo2aWNkkijzb2GShROfyQcsi1fc65551cLeCNVUsldO -KjKNoeI60RAgIjl9NEVvcTvDHfz/sk+o4vYwHg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx -NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv -bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA -VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku -WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP -MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX -5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ -ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg -h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV -BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE -CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy -MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G -A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD -DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq -M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf -OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa -4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 -HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR -aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA -b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ -Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV -PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO -pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu -UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY -MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV -HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 -9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW -s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 -Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg -cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM -79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz -/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt -ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm -Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK -QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ -w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi -S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 -mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC -VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T -U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz -WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 -b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS -b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB -BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI -7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg -CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud -EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD -VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T -kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ -gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE -BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK -DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz -OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv -dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv -bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R -xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX -qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC -C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 -6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh -/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF -YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E -JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc -US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 -ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm -+Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi -M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV -HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G -A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV -cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc -Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs -PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ -q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 -cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr -a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I -H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y -K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu -nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf -oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY -Ic2wBlX7Jz9TkHCpBB5XJ7k= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL -BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6 -ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw -NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L -cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg -Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN -QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT -3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw -3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6 -3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5 -BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN -XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF -AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw -8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG -nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP -oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy -d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg -LvWpCz/UXeHPhJ/iGcJfitYgHuNztw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDEr -MCkGA1UEChMiSmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoG -A1UEAxMTU2VjdXJlU2lnbiBSb290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0 -MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSswKQYDVQQKEyJKYXBhbiBDZXJ0aWZp -Y2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1cmVTaWduIFJvb3RD -QTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvLTJsz -i1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8 -h9uuywGOwvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOV -MdrAG/LuYpmGYz+/3ZMqg6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9 -UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rPO7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni -8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitAbpSACW22s293bzUIUPsC -h8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZXt94wDgYD -VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB -AKChOBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xm -KbabfSVSSUOrTC4rbnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQ -X5Ucv+2rIrVls4W6ng+4reV6G4pQOh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWr -QbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01y8hSyn+B/tlr0/cR7SXf+Of5 -pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061lgeLKBObjBmN -QSdJQO7e5iNEOdyhIta6A/I= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBI -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIz -MTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENv -cnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQXOZEz -Zum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO -0gMdA+9tDWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIao -wW8xQmxSPmjL8xk037uHGFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj -7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b01k/unK8RCSc43Oz969XL0Imnal0ugBS -8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmHursCAwEAAaOBnTCBmjAT -BgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB -/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCeg -JYYjaHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGC -NxUBBAMCAQAwDQYJKoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt3 -6Z3q059c4EVlew3KW+JwULKUBRSuSceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/ -3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHfmbx8IVQr5Fiiu1cprp6poxkm -D5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZnMUFdAvnZyPS -CPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR -3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBK -MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x -GTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkx -MjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3Qg -Q29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jxYDiJ -iQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa -/FHtaMbQbqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJ -jnIFHovdRIWCQtBJwB1g8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnI -HmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYVHDGA76oYa8J719rO+TMg1fW9ajMtgQT7 -sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi0XPnj3pDAgMBAAGjgZ0w -gZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQF -MAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCsw -KaAnoCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsG -AQQBgjcVAQQDAgEAMA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0L -URYD7xh8yOOvaliTFGCRsoTciE6+OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXO -H0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cnCDpOGR86p1hcF895P4vkp9Mm -I50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/53CYNv6ZHdAbY -iNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc -f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDEl -MCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMe -U2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoX -DTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRy -dXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmlj -YXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAV -OVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGr -zbl+dp+++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVM -VAX3NuRFg3sUZdbcDE3R3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQ -hNBqyjoGADdH5H5XTz+L62e4iKrFvlNVspHEfbmwhRkGeC7bYRr6hfVKkaHnFtWO -ojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1KEOtOghY6rCcMU/Gt1SSw -awNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8QIH4D5cs -OPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpF -coJxDjrSzG+ntKEju/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXc -okgfGT+Ok+vx+hfuzU7jBBJV1uXk3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8 -t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6qtnRGEmyR7jTV7JqR50S+kDFy -1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29mvVXIwAHIRc/ -SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY -MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t -dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5 -WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD -VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8 -9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ -DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9 -Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N -QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ -xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G -A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T -AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG -kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr -Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5 -Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU -JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot -RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP -MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx -MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV -BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o -Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt -5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s -3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej -vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu -8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw -DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG -MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil -zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/ -3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD -FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6 -Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2 -ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oX -DTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ5291 -qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8Sp -uOUfiUtnvWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPU -Z5uW6M7XxgpT0GtJlvOjCwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvE -pMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiile7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp -5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCROME4HYYEhLoaJXhena/M -UGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpICT0ugpTN -GmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy -5V6548r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv -6q012iDTiIJh8BIitrzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEK -eN5KzlW/HdXZt1bv8Hb/C3m1r737qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6 -B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMBAAGjgZcwgZQwDwYDVR0TAQH/ -BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcCARYxaHR0cDov -L3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV -HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqG -SIb3DQEBCwUAA4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLyS -CZa59sCrI2AGeYwRTlHSeYAz+51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen -5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwjf/ST7ZwaUb7dRUG/kSS0H4zpX897 -IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaNkqbG9AclVMwWVxJK -gnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfkCpYL -+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxL -vJxxcypFURmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkm -bEgeqmiSBeGCc1qb3AdbCG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvk -N1trSt8sV4pAWja63XVECDdCcAz+3F4hoKOKwJCcaNpQ5kUQR3i2TtJlycM33+FC -Y7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoVIPVVYpbtbZNQvOSqeK3Z -ywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm66+KAQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloX -DTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl -ciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5lZGVybGFuZGVuIFJv -b3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4yolQP -cPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WW -IkYFsO2tx1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqX -xz8ecAgwoNzFs21v0IJyEavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFy -KJLZWyNtZrVtB0LrpjPOktvA9mxjeM3KTj215VKb8b475lRgsGYeCasH/lSJEULR -9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUurmkVLoR9BvUhTFXFkC4az -5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU51nus6+N8 -6U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7 -Ngzp07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHP -bMk7ccHViLVlvMDoFxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXt -BznaqB16nzaeErAMZRKQFWDZJkBE41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTt -XUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMBAAGjQjBAMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleuyjWcLhL75Lpd -INyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD -U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwp -LiniyMMB8jPqKqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8 -Ipf3YF3qKS9Ysr1YvY2WTxB1v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixp -gZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA8KCWAg8zxXHzniN9lLf9OtMJgwYh -/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b8KKaa8MFSu1BYBQw -0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0rmj1A -fsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq -4BZ+Extq1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR -1VmiiXTTn74eS9fGbbeIJG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/ -QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM -94B7IWcnMFk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl -MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp -U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw -NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE -ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp -ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3 -DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf -8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN -+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0 -X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa -K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA -1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G -A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR -zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0 -YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD -bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3 -L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D -eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl -xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp -VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY -WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln -biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF -MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT -d2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8 -76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+ -bbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c -6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE -emA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd -MmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt -MDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y -MszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y -FGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi -aG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM -gI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB -qTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7 -lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn -8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov -L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6 -45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO -UYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5 -O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC -bwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv -GPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a -77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC -hdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3 -92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp -Ld6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w -ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt -Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWdu -IFBsYXRpbnVtIENBIC0gRzIwHhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAw -WjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQD -ExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu669y -IIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2Htn -IuJpX+UFeNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+ -6ixuEFGSzH7VozPY1kneWCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5ob -jM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIoj5+saCB9bzuohTEJfwvH6GXp43gOCWcw -izSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/68++QHkwFix7qepF6w9fl -+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34TaNhxKFrY -zt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaP -pZjydomyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtF -KwH3HBqi7Ri6Cr2D+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuW -ae5ogObnmLo2t/5u7Su9IPhlGdpVCX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMB -AAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O -BBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0 -ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUA -A4ICAQAIhab1Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0 -uMoI3LQwnkAHFmtllXcBrqS3NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+ -FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4U99REJNi54Av4tHgvI42Rncz7Lj7 -jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8KV2LwUvJ4ooTHbG/ -u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl9x8D -YSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1 -puEa+S1BaYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXa -icYwu+uPyyIIoK6q8QNsOktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbG -DI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSYMdp08YSTcU1f+2BY0fvEwW2JorsgH51x -kcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAciIfNAChs0B0QTwoRqjt8Z -Wr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UE -BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWdu -IFNpbHZlciBDQSAtIEcyMB4XDTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0Nlow -RzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMY -U3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644N0Mv -Fz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7br -YT7QbNHm+/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieF -nbAVlDLaYQ1HTWBCrpJH6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH -6ATK72oxh9TAtvmUcXtnZLi2kUpCe2UuMGoM9ZDulebyzYLs2aFK7PayS+VFheZt -eJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5hqAaEuSh6XzjZG6k4sIN/ -c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5FZGkECwJ -MoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRH -HTBsROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTf -jNFusB3hB48IHpmccelM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb6 -5i/4z3GcRm25xBWNOHkDRUjvxF3XCO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOB -rDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -F6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRBtjpbO8tFnb0c -wpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 -cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIB -AHPGgeAn0i0P4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShp -WJHckRE1qTodvBqlYJ7YH39FkWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9 -xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L3XWgwF15kIwb4FDm3jH+mHtwX6WQ -2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx/uNncqCxv1yL5PqZ -IseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFaDGi8 -aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2X -em1ZqSqPe97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQR -dAtq/gsD/KNVV4n+SsuuWxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/ -OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJDIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+ -hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ubDgEj8Z+7fNzcbBGXJbLy -tGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBk -MQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0 -YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3Qg -Q0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2MjUwNzM4MTRaMGQxCzAJBgNVBAYT -AmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGlnaXRhbCBDZXJ0aWZp -Y2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIICIjAN -BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvEr -jw0DzpPMLgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r -0rk0X2s682Q2zsKwzxNoysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f -2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJwDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVP -ACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpHWrumnf2U5NGKpV+GY3aF -y6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1aSgJA/MTA -tukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL -6yxSNLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0 -uPoTXGiTOmekl9AbmbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrAL -acywlKinh/LTSlDcX3KwFnUey7QYYpqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velh -k6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3qPyZ7iVNTA6z00yPhOgpD/0Q -VAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0hBBYw -FDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O -BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqh -b97iEoHF8TwuMA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4R -fbgZPnm3qKhyN2abGu2sEzsOv2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv -/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ82YqZh6NM4OKb3xuqFp1mrjX2lhI -REeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLzo9v/tdhZsnPdTSpx -srpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcsa0vv -aGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciAT -woCqISxxOQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99n -Bjx8Oto0QuFmtEYE3saWmA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5W -t6NlUe07qxS/TFED6F+KBZvuim6c779o+sjaC+NCydAXFJy3SuCvkychVSa1ZC+N -8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TCrvJcwhbtkj6EPnNgiLx2 -9CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX5OfNeOI5 -wSsSnqaeG8XmDtkx2Q== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQIW4zpcvTiKRvKQe0JzzE2DAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAxIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATXZrUb266zYO5G6ohjdTsqlG3zXxL24w+etgoUU0hS -yNw6s8tIICYSTvqJhNTfkeQpfSgB2dsYQ2mhH7XThhbcx39nI9/fMTGDAzVwsUu3 -yBe7UcvclBfb6gk7dhLeqrWjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBRlwI0l9Qy6l3eQP54u4Fr1ztXh5DAKBggqhkjOPQQD -AwNpADBmAjEApa7jRlP4mDbjIvouKEkN7jB+M/PsP3FezFWJeJmssv3cHFwzjim5 -axfIEWi13IMHAjEAnMhE2mnCNsNUGRCFAtqdR+9B52wmnQk9922Q0QVEL7C8g5No -8gxFSTm/mQQc0xCg ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQJDJ18h0v0gkz97RqytDzmDANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHOddJZKmZgiJM6kXZBxbje/SD -6Jlz+muxNuCad6BAwoGNAcfMjL2Pffd543pMA03Z+/2HOCgs3ZqLVAjbZ/sbjP4o -ki++t7JIp4Gh2F6Iw8w5QEFa0dzl2hCfL9oBTf0uRnz5LicKaTfukaMbasxEvxvH -w9QRslBglwm9LiL1QYRmn81ApqkAgMEflZKf3vNI79sdd2H8f9/ulqRy0LY+/3gn -r8uSFWkI22MQ4uaXrG7crPaizh5HmbmJtxLmodTNWRFnw2+F2EJOKL5ZVVkElauP -N4C/DfD8HzpkMViBeNfiNfYgPym4jxZuPkjctUwH4fIa6n4KedaovetdhitNAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBQzQejIORIVk0jyljIuWvXalF9TYDANBgkqhkiG9w0BAQsFAAOCAQEAFeNzV7EX -tl9JaUSm9l56Z6zS3nVJq/4lVcc6yUQVEG6/MWvL2QeTfxyFYwDjMhLgzMv7OWyP -4lPiPEAz2aSMR+atWPuJr+PehilWNCxFuBL6RIluLRQlKCQBZdbqUqwFblYSCT3Q -dPTXvQbKqDqNVkL6jXI+dPEDct+HG14OelWWLDi3mIXNTTNEyZSPWjEwN0ujOhKz -5zbRIWhLLTjmU64cJVYIVgNnhJ3Gw84kYsdMNs+wBkS39V8C3dlU6S+QTnrIToNA -DJqXPDe/v+z28LSFdyjBC8hnghAXOKK3Buqbvzr46SMHv3TgmDgVVXjucgBcGaP0 -0jPg/73RVDkpDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICqDCCAi2gAwIBAgIQNBdlEkA7t1aALYDLeVWmHjAKBggqhkjOPQQDAzCBlDEL -MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD -VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD -bGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g -RzQwHhcNMTExMDA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBlDELMAkGA1UEBhMC -VVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1h -bnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAyIFB1 -YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcq -hkjOPQIBBgUrgQQAIgNiAATR2UqOTA2ESlG6fO/TzPo6mrWnYxM9AeBJPvrBR8mS -szrX/m+c95o6D/UOCgrDP8jnEhSO1dVtmCyzcTIK6yq99tdqIAtnRZzSsr9TImYJ -XdsR8/EFM1ij4rjPfM2Cm72jQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E -BTADAQH/MB0GA1UdDgQWBBQ9MvM6qQyQhPmijGkGYVQvh3L+BTAKBggqhkjOPQQD -AwNpADBmAjEAyKapr0F/tckRQhZoaUxcuCcYtpjxwH+QbYfTjEYX8D5P/OqwCMR6 -S7wIL8fip29lAjEA1lnehs5fDspU1cbQFQ78i5Ry1I4AWFPPfrFLDeVQhuuea9// -KabYR9mglhjb8kWz ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID9jCCAt6gAwIBAgIQZIKe/DcedF38l/+XyLH/QTANBgkqhkiG9w0BAQsFADCB -lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w -HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl -YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzYwHhcNMTExMDE4MDAwMDAwWhcNMzcxMjAxMjM1OTU5WjCBlDELMAkGA1UE -BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZT -eW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBDbGFzcyAy -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzYwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzOkFyGOFyz9AYxe9GPo15gRn -V2WYKaRPyVyPDzTS+NqoE2KquB5QZ3iwFkygOakVeq7t0qLA8JA3KRgmXOgNPLZs -ST/B4NzZS7YUGQum05bh1gnjGSYc+R9lS/kaQxwAg9bQqkmi1NvmYji6UBRDbfkx -+FYW2TgCkc/rbN27OU6Z4TBnRfHU8I3D3/7yOAchfQBeVkSz5GC9kSucq1sEcg+y -KNlyqwUgQiWpWwNqIBDMMfAr2jUs0Pual07wgksr2F82owstr2MNHSV/oW5cYqGN -KD6h/Bwg+AEvulWaEbAZ0shQeWsOagXXqgQ2sqPy4V93p3ec5R7c6d9qwWVdAgMB -AAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW -BBSHjCCVyJhK0daABkqQNETfHE2/sDANBgkqhkiG9w0BAQsFAAOCAQEAgY6ypWaW -tyGltu9vI1pf24HFQqV4wWn99DzX+VxrcHIa/FqXTQCAiIiCisNxDY7FiZss7Y0L -0nJU9X3UXENX6fOupQIR9nYrgVfdfdp0MP1UR/bgFm6mtApI5ud1Bw8pGTnOefS2 -bMVfmdUfS/rfbSw8DVSAcPCIC4DPxmiiuB1w2XaM/O6lyc+tHc+ZJVdaYkXLFmu9 -Sc2lo4xpeSWuuExsi0BmSxY/zwIa3eFsawdhanYVKZl/G92IgMG/tY9zxaaWI4Sm -KIYkM2oBLldzJbZev4/mHWGoQClnHYebHX+bn5nNMdZUvmK7OaxoEkiRIKXLsd3+ -b/xa5IJVWa8xqQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd -AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC -FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi -1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq -jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ -wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ -WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy -NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC -uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw -IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 -g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN -9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP -BSeOE6Fuwg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx -KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd -BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl -YyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgxMDAxMTAyOTU2WhcNMzMxMDAxMjM1 -OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy -aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 -ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN -8ELg63iIVl6bmlQdTQyK9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/ -RLyTPWGrTs0NvvAgJ1gORH8EGoel15YUNpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4 -hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZFiP0Zf3WHHx+xGwpzJFu5 -ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W0eDrXltM -EnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGj -QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1 -A/d2O2GCahKqGFPrAyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOy -WL6ukK2YJ5f+AbGwUgC4TeQbIXQbfsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ -1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzTucpH9sry9uetuUg/vBa3wW30 -6gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7hP0HHRwA11fXT -91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml -e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4p -TpPDpFQUWw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjEL -MAkGA1UEBhMCREUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNV -BAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0 -Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYwMTEyMTQ0MTU3WhcNMjUxMjMxMjI1 -OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21i -SDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UEAxMc -VEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJW -Ht4bNwcwIi9v8Qbxq63WyKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+Q -Vl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo6SI7dYnWRBpl8huXJh0obazovVkdKyT2 -1oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZuV3bOx4a+9P/FRQI2Alq -ukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk2ZyqBwi1 -Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NX -XAek0CSnwPIA1DCB7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRy -dXN0Y2VudGVyLmRlL2NybC92Mi90Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6 -Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBUcnVzdENlbnRlciUyMENsYXNz -JTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290 -Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlN -irTzwppVMXzEO2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8 -TtXqluJucsG7Kv5sbviRmEb8yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6 -g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9IJqDnxrcOfHFcqMRA/07QlIp2+gB -95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal092Y+tTmBvTwtiBj -S+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc5A== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx -GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp -bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w -KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0 -BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy -dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG -EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll -IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU -QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT -TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg -LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7 -a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr -LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr -N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X -YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/ -iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f -AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH -V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL -BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh -AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf -IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4 -lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c -8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf -lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcx -EjAQBgNVBAoTCVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMT -VFdDQSBHbG9iYWwgUm9vdCBDQTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5 -NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQKEwlUQUlXQU4tQ0ExEDAOBgNVBAsT -B1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2CnJfF -10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz -0ALfUPZVr2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfCh -MBwqoJimFb3u/Rk28OKRQ4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbH -zIh1HrtsBv+baz4X7GGqcXzGHaL3SekVtTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc -46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1WKKD+u4ZqyPpcC1jcxkt2 -yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99sy2sbZCi -laLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYP -oA/pyJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQA -BDzfuBSO6N+pjWxnkjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcE -qYSjMq+u7msXi7Kx/mzhkIyIqJdIzshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm -4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB -/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6gcFGn90xHNcgL -1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn -LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WF -H6vPNOw/KP4M8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNo -RI2T9GRwoD2dKAXDOXC4Ynsg/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+ -nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlglPx4mI88k1HtQJAH32RjJMtOcQWh -15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryPA9gK8kxkRr05YuWW -6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3mi4TW -nsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5j -wa19hAM8EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWz -aGHQRiapIVJpLesux+t3zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmy -KwbQBM0= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzES -MBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFU -V0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMz -WhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FO -LUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFE -AcK0HMMxQhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HH -K3XLfJ+utdGdIzdjp9xCoi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeX -RfwZVzsrb+RH9JlF/h3x+JejiB03HFyP4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/z -rX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1ry+UPizgN7gr8/g+YnzAx -3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkq -hkiG9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeC -MErJk/9q56YAf4lCmtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdls -XebQ79NqZp4VKIV66IIArB6nCWlWQtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62D -lhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVYT0bf+215WfKEIlKuD8z7fDvn -aspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocnyYh0igzyXxfkZ -YiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/ -MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow -PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB -AJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qNw8XR -IePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1q -gQdW8or5BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKy -yhwOeYHWtXBiCAEuTk8O1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAts -F/tnyMKtsc2AtJfcdgEWFelq16TheEfOhtX7MfP6Mb40qij7cEwdScevLJ1tZqa2 -jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wovJ5pGfaENda1UhhXcSTvx -ls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7Q3hub/FC -VGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHK -YS1tB6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoH -EgKXTiCQ8P8NHuJBO9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThN -Xo+EHWbNxWCWtFJaBYmOlXqYwZE8lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1Ud -DgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNVHRMEBTADAQH/MDkGBGcqBwAE -MTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg209yewDL7MTqK -UWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ -TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyf -qzvS/3WXy6TjZwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaK -ZEk9GhiHkASfQlK3T8v+R0F2Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFE -JPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlUD7gsL0u8qV1bYH+Mh6XgUmMqvtg7 -hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6QzDxARvBMB1uUO07+1 -EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+HbkZ6Mm -nD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WX -udpVBrkk7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44Vbnz -ssQwmSNOXfJIoRIM3BKQCZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDe -LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl -pYYsfPQS ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAw -NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv -b3QgQ0EgdjEwHhcNMDcxMDE4MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYD -VQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9vdCBDQSB2 -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+6yfwIaPzaSZVfp3F -VRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA3GV1 -7CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+X -Z75Ljo1kB1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+ -/jXh7VB7qTCNGdMJjmhnXb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs -81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxHoLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkm -dtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3F0fUTPHSiXk+TT2YqGHe -Oh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJoWjiUIMu -sDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4 -pgd7gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fs -slESl1MpWtTwEhDcTwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQ -arMCpgKIv7NHfirZ1fpoeDVNAgMBAAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYD -VR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qWDNXr+nuqF+gTEjANBgkqhkiG -9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNmzqjMDfz1mgbl -dxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx -0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1Tj -TQpgcmLNkQfWpb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBed -Y2gea+zDTYa4EzAvXUYNR0PVG6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7 -Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpcc41teyWRyu5FrgZLAMzTsVlQ2jqI -OylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOTJsjrDNYmiLbAJM+7 -vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2qReW -t88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcn -HL/EVlP6Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVx -SK236thZiNSQvxaz2emsWWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y -IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig -RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb -3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA -BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5 -3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou -owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/ -wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF -ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf -BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/ -MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv -civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2 -AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F -hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50 -soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI -WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi -tJ/X5g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD -VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk -MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U -cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y -IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB -pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h -IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG -A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU -cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid -RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V -seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme -9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV -EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW -hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/ -DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD -ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I -/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf -ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ -yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts -L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN -zl/HHk484IkzlQsPpTLWPFp5LBk= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV -BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw -IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy -dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig -Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk -MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg -Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD -VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy -dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+ -QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq -1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp -2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK -DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape -az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF -3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88 -oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM -g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3 -mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh -8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd -BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U -nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX -dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+ -MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL -/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX -CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa -ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW -2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7 -N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3 -Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB -As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp -5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu -1uwJ ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF -MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL -ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx -MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc -MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+ -AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH -iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj -vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA -0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB -OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/ -BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E -FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01 -GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW -zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4 -1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE -f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F -jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN -ZetX2fNXlrtIzYE= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UE -BhMCVFIxDzANBgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxn -aSDEsGxldGnFn2ltIHZlIEJpbGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkg -QS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1QgRWxla3Ryb25payBTZXJ0aWZpa2Eg -SGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAwODA3MDFaFw0yMzA0 -MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0wSwYD -VQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8 -dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCUZ4WWe60ghUEoI5RHwWrom -/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537jVJp45wnEFPzpALFp/kR -Gml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1mep5Fimh3 -4khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z -5UNP9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0 -hO8EuPbJbKoCPrZV4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QID -AQABo0IwQDAdBgNVHQ4EFgQUVpkHHtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/ -BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJ5FdnsX -SDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPoBP5yCccLqh0l -VX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq -URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nf -peYVhDfwwvJllpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CF -Yv4HAqGEVka+lgqaE9chTLd8B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW -+qtB4Uu2NQvAmxU= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl -eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT -JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAx -MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT -Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg -VVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlm -aWNhdGlvbiBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqflo -I+d61SRvU8Za2EurxtW20eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinng -o4N+LZfQYcTxmdwlkWOrfzCjtHDix6EznPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0G -A1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBBHU6+4WMB -zzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbW -RNZu9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB -iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl -cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV -BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw -MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV -BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU -aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy -dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B -3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY -tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ -Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 -VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT -79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 -c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT -Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l -c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee -UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE -Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd -BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF -Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO -VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 -ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs -8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR -iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze -Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ -XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ -qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB -VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB -L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG -jjxDah2nGN59PRbxYvnKkKj9 ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0BgNVBAMTLVVUTi1VU0VSRmlyc3Qt -Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05OTA3MDkxNzI4NTBa -Fw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAV -BgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5l -dHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UE -AxMtVVROLVVTRVJGaXJzdC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWls -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3B -YHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIxB8dOtINknS4p1aJkxIW9 -hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8om+rWV6l -L8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLm -SGHGTPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM -1tZUOt4KpLoDd7NlyP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws -6wIDAQABo4G5MIG2MAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud -DgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNVHR8EUTBPME2gS6BJhkdodHRw -Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGllbnRBdXRoZW50 -aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u -7mFVbwQ+zznexRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0 -xtcgBEXkzYABurorbs6q15L+5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQ -rfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarVNZ1yQAOJujEdxRBoUp7fooXFXAim -eOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZw7JHpsIyYdfHb0gk -USeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp -U2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwg -SW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2ln -biBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 -IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8Utpkmw4tXNherJI9/gHm -GUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGzrl0Bp3ve -fLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUw -AwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJ -aW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYj -aHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMW -kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2gAMGUCMGYhDBgmYFo4e1ZC -4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIxAJw9SDkjOVga -FRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB -yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW -ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL -MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW -ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp -U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y -aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 -nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex -t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz -SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG -BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ -rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ -NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E -BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH -BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy -aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv -MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE -p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y -5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK -WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ -4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N -hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB -vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL -ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp -U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W -ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX -MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 -IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y -IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh -bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF -9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH -H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H -LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN -/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT -rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud -EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw -WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs -exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud -DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 -sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ -seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz -4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ -BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR -lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 -7M2CYfE45k+XmCpajQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2E1Lm0+afY8wR4 -nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/EbRrsC+MO -8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjV -ojYJrKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjb -PG7PoBMAGrgnoeS+Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP2 -6KbqxzcSXKMpHgLZ2x87tNcPVkeBFQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vr -n5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAq2aN17O6x5q25lXQBfGfMY1a -qtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/Ny9Sn2WCVhDr4 -wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrs -pSCAaWihT37ha88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4 -E1Z5T21Q6huwtVexN2ZYI/PcD98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVy -aVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24s -IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNp -Z24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 -eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJBgNV -BAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNp -Z24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIElu -Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24g -Q2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt -IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoNwtUs22e5LeWU -J92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6tW8UvxDO -JxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUY -wZF7C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9o -koqQHgiBVrKtaaNS0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjN -qWm6o+sdDZykIKbBoMXRRkwXbdKsZj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/E -Srg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0JhU8wI1NQ0kdvekhktdmnLfe -xbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf0xwLRtxyID+u -7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RI -sH/7NiXaldDxJBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTP -cjnhsUPgKM+351psE2tJs//jGHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZl -cmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWdu -LCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlT -aWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp -dHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQswCQYD -VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJ -bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu -IENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg -LSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMu6nFL8eB8aHm8b -N3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1EUGO+i2t -KmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGu -kxUccLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBm -CC+Vk7+qRy+oRpfwEuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJ -Xwzw3sJ2zq/3avL6QaaiMxTJ5Xpj055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWu -imi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAERSWwauSCPc/L8my/uRan2Te -2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5fj267Cz3qWhMe -DGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC -/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565p -F4ErWjfJXir0xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGt -TxzhT5yvDwyd93gN2PQ1VoDat20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr -MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl -cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv -bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw -CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h -dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l -cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h -2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E -lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV -ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq -299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t -vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL -dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF -AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR -zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3 -LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd -7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw -++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt -398znM/jra6O1I7mT1GvFpLgXPYHDw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCB -gjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEk -MCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRY -UmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQxMTAxMTcx -NDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3 -dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2Vy -dmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB -dXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS6 -38eMpSe2OAtp87ZOqCwuIR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCP -KZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMxfoArtYzAQDsRhtDLooY2YKTVMIJt2W7Q -DxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FEzG+gSqmUsE3a56k0enI4 -qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqsAxcZZPRa -JSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNVi -PvryxS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0P -BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASs -jVy16bYbMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0 -eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQEwDQYJKoZIhvcNAQEFBQAD -ggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc/Kh4ZzXxHfAR -vbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt -qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLa -IR9NmXmd4c8nnxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSy -i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ -O+7ETPTsJ3xCwnR8gooJybQDJbw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYT -AlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBD -QTAeFw0wNjA3MDQxNzIwMDRaFw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJP -MREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7IJUqOtdu0KBuqV5Do -0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHHrfAQ -UySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5d -RdY4zTW2ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQ -OA7+j0xbm0bqQfWwCHTD0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwv -JoIQ4uNllAoEwF73XVv4EOLQunpL+943AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08C -AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAcYwHQYDVR0O -BBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IBAQA+0hyJ -LjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecY -MnQ8SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ -44gx+FkagQnIl6Z0x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6I -Jd1hJyMctTEHBDa0GpC9oHRxUIltvBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNw -i/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7NzTogVZ96edhBiIL5VaZVDADlN -9u6wWk5JRFRYX0KD ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBe -MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0 -ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe -Fw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYTAlRXMSMw -IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UECwwhZVBL -SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAH -SyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAh -ijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3X -DZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1 -TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SXDrkb5wdJ -fzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0OWQqraffA -sgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uU -WH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLS -nT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pH -dmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJip -NiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3pyKdVDEC -AwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMAwGA1UdEwQF -MAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH -ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGB -uvl2ICO1J2B01GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6Yl -PwZpVnPDimZI+ymBV3QGypzqKOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkP -JXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdVxrsStZf0X4OFunHB2WyBEXYKCrC/ -gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEPNXubrjlpC2JgQCA2 -j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+rGNm6 -5ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUB -o2M3IUxExJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS -/jQ6fbjpKdx2qcgw+BRxgMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2z -Gp1iro2C6pSe3VkQw63d4k3jMdXH7OjysP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTE -W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D -hNQ+IIX3Sj0rnP0qCglN6oH4EZw= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCB -qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV -BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3MDAwMDAwWhcNMzYw -NzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5j -LjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYG -A1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFs -W0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta -3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk -6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6 -Sk/KaAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94J -NqR32HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA -MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XP -r87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7ORtvzw6WfU -DW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeEuzLlQRHAd9mz -YJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX -xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2 -/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/ -LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7 -jVaMaA== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDEL -MAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMp -IDIwMDcgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAi -BgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMjAeFw0wNzExMDUwMDAw -MDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh -d3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBGb3Ig -YXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9v -dCBDQSAtIEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/ -BebfowJPDQfGAFG6DAJSLSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6 -papu+7qzcMBniKI11KOasf2twu8x+qi58/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8E -BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUmtgAMADna3+FGO6Lts6K -DPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUNG4k8VIZ3 -KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41ox -XZ3Krr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB -rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf -Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw -MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV -BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa -Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl -LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u -MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl -ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm -gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 -YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf -b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 -9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S -zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk -OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA -2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW -oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu -t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c -KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM -m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu -MdRAGmI0Nj81Aa6sY6A= ------END CERTIFICATE----- diff --git a/bitnami/kubeapps-asset-syncer/2/debian-11/tags-info.yaml b/bitnami/kubeapps-asset-syncer/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-asset-syncer/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubeapps-dashboard/2/debian-11/Dockerfile b/bitnami/kubeapps-dashboard/2/debian-11/Dockerfile deleted file mode 100644 index 20ef8bc472b3..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/Dockerfile +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:27:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r39" \ - org.opencontainers.image.title="kubeapps-dashboard" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libcrypt1 libgeoip1 libpcre3 libssl1.1 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "nginx-1.25.4-0-linux-${OS_ARCH}-debian-11" \ - "kubeapps-2.9.0-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -sf /dev/stdout /opt/bitnami/nginx/logs/access.log -RUN ln -sf /dev/stderr /opt/bitnami/nginx/logs/error.log - -COPY rootfs / -RUN rm -rf /app && \ - ln -sf /opt/bitnami/kubeapps /opt/bitnami/kubeapps-dashboard && \ - mv /opt/bitnami/kubeapps/build /app -RUN chmod -R g+rwX /opt/bitnami/nginx/conf -RUN /opt/bitnami/scripts/nginx/postunpack.sh -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-dashboard" \ - NGINX_HTTPS_PORT_NUMBER="" \ - NGINX_HTTP_PORT_NUMBER="" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/nginx/sbin:$PATH" - -EXPOSE 8080 8443 - -WORKDIR /app -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/nginx/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/nginx/run.sh" ] diff --git a/bitnami/kubeapps-dashboard/2/debian-11/docker-compose.yml b/bitnami/kubeapps-dashboard/2/debian-11/docker-compose.yml deleted file mode 100644 index 1b75e0ec5936..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,11 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - kubeapps: - image: docker.io/bitnami/kubeapps-dashboard:2 - ports: - - '80:80' - - '443:443' diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 059917308474..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "kubeapps": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-2" - }, - "nginx": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.25.4-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf deleted file mode 100644 index 2ddab8c9a1e0..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf +++ /dev/null @@ -1,4 +0,0 @@ -# Deny all attempts to access hidden files such as .htaccess or .htpasswd -location ~ /\. { - deny all; -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf deleted file mode 100644 index 9833b1cfd043..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/nginx/conf/nginx.conf +++ /dev/null @@ -1,60 +0,0 @@ -# Based on https://www.nginx.com/resources/wiki/start/topics/examples/full/#nginx-conf -user www www; ## Default: nobody - -worker_processes auto; -error_log "/opt/bitnami/nginx/logs/error.log"; -pid "/opt/bitnami/nginx/tmp/nginx.pid"; - -events { - worker_connections 1024; -} - -http { - include mime.types; - default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] ' - '"$request" $status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - access_log "/opt/bitnami/nginx/logs/access.log" main; - add_header X-Frame-Options SAMEORIGIN; - - client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2; - proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2; - fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2; - scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2; - uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2; - - sendfile on; - tcp_nopush on; - tcp_nodelay off; - gzip on; - gzip_http_version 1.0; - gzip_comp_level 2; - gzip_proxied any; - gzip_types text/plain text/css application/javascript text/xml application/xml+rss; - keepalive_timeout 65; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305; - client_max_body_size 80M; - server_tokens off; - - absolute_redirect off; - port_in_redirect off; - - include "/opt/bitnami/nginx/conf/server_blocks/*.conf"; - - # HTTP Server - server { - # Port to listen on, can also be set in IP:PORT format - listen 80; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - } -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh deleted file mode 100644 index 40f204ea4f7c..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/libnginx.sh +++ /dev/null @@ -1,669 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami NGINX library - -# shellcheck disable=SC1090,SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if NGINX is running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_running() { - local pid - pid="$(get_pid_from_file "$NGINX_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if NGINX is not running -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# Boolean -######################### -is_nginx_not_running() { - ! is_nginx_running -} - -######################## -# Stop NGINX -# Globals: -# NGINX_TMP_DIR -# Arguments: -# None -# Returns: -# None -######################### -nginx_stop() { - ! is_nginx_running && return - debug "Stopping NGINX" - stop_service_using_pid "$NGINX_PID_FILE" -} - -######################## -# Configure NGINX server block port -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Port number -# $2 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure_port() { - local port=${1:?missing port} - local file=${2:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting port number to ${port} in '${file}'" - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_configuration="$(sed -E "s/(listen\s+)[0-9]{1,5}(.*);/\1${port}\2;/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Configure NGINX directives -# Globals: -# NGINX_CONF_DIR -# Arguments: -# $1 - Directive to modify -# $2 - Value -# $3 - (optional) Path to server block file -# Returns: -# None -######################### -nginx_configure() { - local directive=${1:?missing directive} - local value=${2:?missing value} - local file=${3:-"$NGINX_CONF_FILE"} - if is_file_writable "$file"; then - local nginx_configuration - debug "Setting directive '${directive}' to '${value}' in '${file}'" - nginx_configuration="$(sed -E "s/(\s*${directive}\s+)(.+);/\1${value};/g" "$file")" - echo "$nginx_configuration" >"$file" - fi -} - -######################## -# Validate settings in NGINX_* env vars -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_validate() { - info "Validating settings in NGINX_* env vars" - local error_code=0 - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local validate_port_args=() - local err - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err="$(validate_port "${validate_port_args[@]}" "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - ! is_empty_value "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && check_yes_no_value "NGINX_ENABLE_ABSOLUTE_REDIRECT" - ! is_empty_value "$NGINX_ENABLE_PORT_IN_REDIRECT" && check_yes_no_value "NGINX_ENABLE_PORT_IN_REDIRECT" - - ! is_empty_value "$NGINX_HTTP_PORT_NUMBER" && check_valid_port "NGINX_HTTP_PORT_NUMBER" - ! is_empty_value "$NGINX_HTTPS_PORT_NUMBER" && check_valid_port "NGINX_HTTPS_PORT_NUMBER" - - if ! is_file_writable "$NGINX_CONF_FILE"; then - warn "The NGINX configuration file '${NGINX_CONF_FILE}' is not writable by current user. Configurations based on environment variables will not be applied." - fi - return "$error_code" -} - -######################## -# Initialize NGINX -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_initialize() { - info "Initializing NGINX" - - # This fixes an issue where the trap would kill the entrypoint.sh, if a PID was left over from a previous run - # Exec replaces the process without creating a new one, and when the container is restarted it may have the same PID - rm -f "${NGINX_TMP_DIR}/nginx.pid" - - # Persisted configuration files from old versions - if [[ -f "$NGINX_VOLUME_DIR/conf/nginx.conf" ]]; then - error "A 'nginx.conf' file was found inside '${NGINX_VOLUME_DIR}/conf'. This configuration is not supported anymore. Please mount the configuration file at '${NGINX_CONF_FILE}' instead." - exit 1 - fi - if ! is_dir_empty "$NGINX_VOLUME_DIR/conf/vhosts"; then - error "Custom server blocks files were found inside '$NGINX_VOLUME_DIR/conf/vhosts'. This configuration is not supported anymore. Please mount your custom server blocks config files at '${NGINX_SERVER_BLOCKS_DIR}' instead." - exit 1 - fi - - debug "Updating NGINX configuration based on environment variables" - local nginx_user_configuration - if am_i_root; then - debug "Ensuring NGINX daemon user/group exists" - ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - if [[ -n "${NGINX_DAEMON_USER:-}" ]]; then - chown -R "${NGINX_DAEMON_USER:-}" "$NGINX_TMP_DIR" - fi - nginx_configure "user" "${NGINX_DAEMON_USER:-} ${NGINX_DAEMON_GROUP:-}" - else - # The "user" directive makes sense only if the master process runs with super-user privileges - # TODO: find an appropriate NGINX parser to avoid 'sed calls' - nginx_user_configuration="$(sed -E "s/(^user)/# \1/g" "$NGINX_CONF_FILE")" - is_file_writable "$NGINX_CONF_FILE" && echo "$nginx_user_configuration" >"$NGINX_CONF_FILE" - fi - # Configure HTTP port number - if [[ -n "${NGINX_HTTP_PORT_NUMBER:-}" ]]; then - nginx_configure_port "$NGINX_HTTP_PORT_NUMBER" - fi - # Configure HTTPS port number - if [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]]; then - nginx_configure_port "$NGINX_HTTPS_PORT_NUMBER" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" - fi - nginx_configure "absolute_redirect" "$(is_boolean_yes "$NGINX_ENABLE_ABSOLUTE_REDIRECT" && echo "on" || echo "off" )" - nginx_configure "port_in_redirect" "$(is_boolean_yes "$NGINX_ENABLE_PORT_IN_REDIRECT" && echo "on" || echo "off" )" -} - -######################## -# Ensure an NGINX application configuration exists (in server block format) -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name (if not specified, a catch-all server block will be created) -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's server blocks with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server block with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server block with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --additional-configuration - Additional server block configuration (no default) -# --external-configuration - Configuration external to server block (no default) -# --document-root - Path to document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_app_configuration_exists() { - export app="${1:?missing app}" - # Default options - local type="" - local -a hosts=() - local server_name - local -a server_aliases=() - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - # Template variables defaults - export additional_configuration="" - export external_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - export https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts | \ - --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - --disable | \ - --disable-http | \ - --disable-https) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name?}=yes" - ;; - --type | \ - --server-name | \ - --allow-remote-connections | \ - --http-port | \ - --https-port | \ - --additional-configuration | \ - --external-configuration | \ - --document-root | \ - --extra-directory-configuration) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen=$'\n'"listen ${host}:${http_port};" - https_listen=$'\n'"listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}${https_listen}" - done - else - http_listen_configuration=$'\n'"listen ${http_port} default_server;" - https_listen_configuration=$'\n'"listen ${https_port} ssl default_server;" - fi - # Construct server_name block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="server_name ${server_name}" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=" ${server_aliases[*]}" - fi - server_name_configuration+=";" - else - server_name_configuration=" -# Catch-all server block -# See: https://nginx.org/en/docs/http/server_names.html#miscellaneous_names -server_name _;" - fi - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Indent configurations - server_name_configuration="$(indent $'\n'"$server_name_configuration" 4)" - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - external_configuration=$'\n'"$external_configuration" - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" && "$type" != "php" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_http") && http_server_block+="$disable_suffix" - (is_boolean_yes "$disable" || is_boolean_yes "$disable_https") && https_server_block+="$disable_suffix" - if is_file_writable "$http_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$http_server_block" ]] && touch "$http_server_block" && chmod g+rw "$http_server_block" - render-template "${template_dir}/${template_name}-http-server-block.conf.tpl" | sed '/^\s*$/d' >"$http_server_block" - elif [[ ! -f "$http_server_block" ]]; then - error "Could not create server block for ${app} at '${http_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_server_block"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_server_block" ]] && touch "$https_server_block" && chmod g+rw "$https_server_block" - render-template "${template_dir}/${template_name}-https-server-block.conf.tpl" | sed '/^\s*$/d' >"$https_server_block" - elif [[ ! -f "$https_server_block" ]]; then - error "Could not create server block for ${app} at '${https_server_block}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an NGINX application configuration does not exist anymore (in server block format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_nginx_app_configuration_not_exists() { - local app="${1:?missing app}" - local http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_server_block" "$https_server_block" "${http_server_block}${disable_suffix}" "${https_server_block}${disable_suffix}" -} - -######################## -# Ensure NGINX loads the configuration for an application in a URL prefix -# Globals: -# NGINX_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional server block configuration (no default) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_nginx_prefix_configuration_exists() { - local app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type | \ - --allow-remote-connections | \ - --additional-configuration | \ - --document-root | \ - --extra-directory-configuration | \ - --prefix) - - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}"="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # ACL configuration - export acl_configuration="" - if ! is_boolean_yes "$allow_remote_connections"; then - acl_configuration=" -default_type text/html; -if (\$remote_addr != 127.0.0.1) { - return 403 'For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.'; -} -# Avoid absolute redirects when connecting through a SSH tunnel -absolute_redirect off;" - fi - # Prefix configuration - export location="$prefix" - # Indent configurations - acl_configuration="$(indent "$acl_configuration" 4)" - additional_configuration=$'\n'"$(indent "$additional_configuration" 4)" - # Render templates - # We remove lines that are empty or contain only newspaces with 'sed', so the resulting file looks better - local template_name="app" - [[ -n "$type" ]] && template_name="app-${type}" - local template_dir="${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates" - local prefix_file="${NGINX_CONF_DIR}/bitnami/${app}.conf" - if is_file_writable "$prefix_file"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$prefix_file" ]] && touch "$prefix_file" && chmod g+rw "$prefix_file" - render-template "${template_dir}/${template_name}-prefix.conf.tpl" | sed '/^\s*$/d' >"$prefix_file" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure NGINX application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Hosts to enable -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -nginx_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - local http_port="${NGINX_HTTP_PORT_NUMBER:-"$NGINX_DEFAULT_HTTP_PORT_NUMBER"}" - local https_port="${NGINX_HTTPS_PORT_NUMBER:-"$NGINX_DEFAULT_HTTPS_PORT_NUMBER"}" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<<"$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name?}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name?}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "listen host1:port1", "listen host2:port2", ... - export http_listen_configuration="" - export https_listen_configuration="" - if [[ "${#hosts[@]}" -gt 0 ]]; then - for host in "${hosts[@]}"; do - http_listen="listen ${host}:${http_port};" - https_listen="listen ${host}:${https_port} ssl;" - [[ -z "${http_listen_configuration:-}" ]] && http_listen_configuration="$http_listen" || http_listen_configuration="${http_listen_configuration}"$'\\\n'"${http_listen}" - [[ -z "${https_listen_configuration:-}" ]] && https_listen_configuration="$https_listen" || https_listen_configuration="${https_listen_configuration}"$'\\\n'"${https_listen}" - done - else - http_listen_configuration="listen ${http_port} default_server;" - https_listen_configuration="listen ${https_port} ssl default_server;" - fi - # Indent configurations - http_listen_configuration="$(indent "$http_listen_configuration" 4)" - https_listen_configuration="$(indent "$https_listen_configuration" 4)" - # Update configuration - local -r http_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-server-block.conf" - local -r https_server_block="${NGINX_SERVER_BLOCKS_DIR}/${app}-https-server-block.conf" - # Helper function to avoid duplicating code - update_common_server_block_config() { - local -r server_block_file="${1:?missing server block}" - # Update server_name - if ! is_empty_value "${server_name:-}"; then - local server_name_list="$server_name" - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_list+=" ${server_aliases[*]}" - fi - replace_in_file "$server_block_file" "^(\s*server_name\s+)[^;]*" "\1${server_name_list}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename server block file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_server_block" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$disable_https" && [[ -e "$https_server_block" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - is_boolean_yes "$enable_http" && [[ -e "${http_server_block}${disable_suffix}" ]] && rename_conf_file "${http_server_block}${disable_suffix}" "$http_server_block" - is_boolean_yes "$enable_https" && [[ -e "${https_server_block}${disable_suffix}" ]] && rename_conf_file "${https_server_block}${disable_suffix}" "$https_server_block" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_server_block" ]]; then - if is_file_writable "$http_server_block"; then - update_common_server_block_config "$http_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$http_server_block" "^\s*listen\s.*;" "$http_listen_configuration" - else - warn "The ${app} server block file '${http_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_server_block" ]]; then - if is_file_writable "$https_server_block"; then - update_common_server_block_config "$https_server_block" - # Update specific server block config (listen addresses) - replace_in_file "$https_server_block" "^\s*listen\s.*\sssl;" "$https_listen_configuration" - else - warn "The ${app} server block file '${https_server_block}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Run custom initialization scripts -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_custom_init_scripts() { - if [[ -n $(find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh") ]]; then - info "Loading user's custom files from $NGINX_INITSCRIPTS_DIR ..." - local -r tmp_file="/tmp/filelist" - find "${NGINX_INITSCRIPTS_DIR}/" -type f -regex ".*\.sh" | sort >"$tmp_file" - while read -r f; do - case "$f" in - *.sh) - if [[ -x "$f" ]]; then - debug "Executing $f" - "$f" - else - debug "Sourcing $f" - . "$f" - fi - ;; - *) - debug "Ignoring $f" - ;; - esac - done <$tmp_file - nginx_stop - rm -f "$tmp_file" - else - info "No custom scripts in $NGINX_INITSCRIPTS_DIR" - fi -} - -######################## -# Generate sample TLS certificates without passphrase for sample HTTPS server_block -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_generate_sample_certs() { - local certs_dir="${NGINX_CONF_DIR}/bitnami/certs" - - if ! is_boolean_yes "$NGINX_SKIP_SAMPLE_CERTS" && [[ ! -f "${certs_dir}/server.crt" ]]; then - # Check certificates directory exists and is writable - if [[ -d "$certs_dir" && -w "$certs_dir" ]]; then - SSL_KEY_FILE="${certs_dir}/server.key" - SSL_CERT_FILE="${certs_dir}/server.crt" - SSL_CSR_FILE="${certs_dir}/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" - else - warn "The certificates directories '${certs_dir}' does not exist or is not writable, skipping sample HTTPS certificates generation" - fi - fi -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh deleted file mode 100644 index 1d584e7b82c1..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for nginx - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-nginx}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -nginx_env_vars=( - NGINX_HTTP_PORT_NUMBER - NGINX_HTTPS_PORT_NUMBER - NGINX_SKIP_SAMPLE_CERTS - NGINX_ENABLE_ABSOLUTE_REDIRECT - NGINX_ENABLE_PORT_IN_REDIRECT -) -for env_var in "${nginx_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset nginx_env_vars -export WEB_SERVER_TYPE="nginx" - -# Paths -export NGINX_BASE_DIR="${BITNAMI_ROOT_DIR}/nginx" -export NGINX_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/nginx" -export NGINX_SBIN_DIR="${NGINX_BASE_DIR}/sbin" -export NGINX_CONF_DIR="${NGINX_BASE_DIR}/conf" -export NGINX_HTDOCS_DIR="${NGINX_BASE_DIR}/html" -export NGINX_TMP_DIR="${NGINX_BASE_DIR}/tmp" -export NGINX_LOGS_DIR="${NGINX_BASE_DIR}/logs" -export NGINX_SERVER_BLOCKS_DIR="${NGINX_CONF_DIR}/server_blocks" -export NGINX_INITSCRIPTS_DIR="/docker-entrypoint-initdb.d" -export NGINX_CONF_FILE="${NGINX_CONF_DIR}/nginx.conf" -export NGINX_PID_FILE="${NGINX_TMP_DIR}/nginx.pid" -export PATH="${NGINX_SBIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export NGINX_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$NGINX_DAEMON_USER" -export NGINX_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$NGINX_DAEMON_GROUP" -export NGINX_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$NGINX_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export NGINX_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$NGINX_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time - -# NGINX configuration -export NGINX_HTTP_PORT_NUMBER="${NGINX_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$NGINX_HTTP_PORT_NUMBER" -export NGINX_HTTPS_PORT_NUMBER="${NGINX_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$NGINX_HTTPS_PORT_NUMBER" -export NGINX_SKIP_SAMPLE_CERTS="${NGINX_SKIP_SAMPLE_CERTS:-false}" -export NGINX_ENABLE_ABSOLUTE_REDIRECT="${NGINX_ENABLE_ABSOLUTE_REDIRECT:-no}" -export NGINX_ENABLE_PORT_IN_REDIRECT="${NGINX_ENABLE_PORT_IN_REDIRECT:-no}" - -# Custom environment variables may be defined below diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl deleted file mode 100644 index 4ebeed573889..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-http-server-block.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{http_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl deleted file mode 100644 index 02acfbb055c6..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-https-server-block.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{external_configuration}} - -server { - # Port to listen on, can also be set in IP:PORT format - {{https_listen_configuration}} - - root {{document_root}}; - - {{server_name_configuration}} - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - {{acl_configuration}} - - {{additional_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl deleted file mode 100644 index 28bb0393aaa3..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-php-prefix.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; - include "/opt/bitnami/nginx/conf/bitnami/php-fpm.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index b7d04e1e80f7..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -location ^~ {{location}} { - alias "{{document_root}}"; - - {{acl_configuration}} - - include "/opt/bitnami/nginx/conf/bitnami/protect-hidden-files.conf"; -} - -{{additional_configuration}} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf deleted file mode 100644 index 27284a637c31..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/bitnami-templates/default-https-server-block.conf +++ /dev/null @@ -1,17 +0,0 @@ -# HTTPS Server -server { - # Port to listen on, can also be set in IP:PORT format - listen 443 ssl; - - ssl_certificate bitnami/certs/server.crt; - ssl_certificate_key bitnami/certs/server.key; - - include "/opt/bitnami/nginx/conf/bitnami/*.conf"; - - location /status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } -} diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh deleted file mode 100755 index cce4b3e874a3..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/nginx/run.sh" ]]; then - info "** Starting NGINX setup **" - /opt/bitnami/scripts/nginx/setup.sh - info "** NGINX setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh deleted file mode 100755 index 2ebe0fb36870..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/postunpack.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libfs.sh - -# Auxiliar Functions - -######################## -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -# Ref: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-httpoxy-vulnerability -# Globals: -# NGINX_* -# Arguments: -# None -# Returns: -# None -######################### -nginx_patch_httpoxy_vulnerability() { - debug "Unsetting HTTP_PROXY header..." - echo '# Unset the HTTP_PROXY header' >>"${NGINX_CONF_DIR}/fastcgi_params" - echo 'fastcgi_param HTTP_PROXY "";' >>"${NGINX_CONF_DIR}/fastcgi_params" -} - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Remove unnecessary directories that come with the tarball -rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks" - -# Ensure non-root user has write permissions on a set of directories -for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "${NGINX_CONF_DIR}/bitnami/certs" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability -nginx_patch_httpoxy_vulnerability - -# Configure default HTTP port -nginx_configure_port "$NGINX_DEFAULT_HTTP_PORT_NUMBER" -# Configure default HTTPS port -nginx_configure_port "$NGINX_DEFAULT_HTTPS_PORT_NUMBER" "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" - -# shellcheck disable=SC1091 - -# Load additional libraries -. /opt/bitnami/scripts/libfs.sh - -# Users can mount their html sites at /app -mv "${NGINX_BASE_DIR}/html" /app -ln -sf /app "${NGINX_BASE_DIR}/html" - -# Users can mount their certificates at /certs -mv "${NGINX_CONF_DIR}/bitnami/certs" /certs -ln -sf /certs "${NGINX_CONF_DIR}/bitnami/certs" - -ln -sf "/dev/stdout" "${NGINX_LOGS_DIR}/access.log" -ln -sf "/dev/stderr" "${NGINX_LOGS_DIR}/error.log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh deleted file mode 100755 index 1b18ed6d9637..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment -. /opt/bitnami/scripts/nginx-env.sh - -info "** Reloading NGINX configuration **" -exec "${NGINX_SBIN_DIR}/nginx" -s reload diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh deleted file mode 100755 index deaa515bac32..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -/opt/bitnami/scripts/nginx/stop.sh -/opt/bitnami/scripts/nginx/start.sh diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh deleted file mode 100755 index a2f3b57114d0..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -info "** Starting NGINX **" -exec "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" -g "daemon off;" diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh deleted file mode 100755 index 084490b6ac83..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/setup.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnginx.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -# Ensure NGINX environment variables settings are valid -nginx_validate - -# Ensure NGINX is stopped when this script ends -trap "nginx_stop" EXIT - -# Ensure NGINX daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$NGINX_DAEMON_USER" --group "$NGINX_DAEMON_GROUP" - -# Configure HTTPS sample block using generated SSL certs -nginx_generate_sample_certs - -# Run init scripts -nginx_custom_init_scripts - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" - -# Configure HTTPS port number -if [[ -f "${NGINX_CONF_DIR}/bitnami/certs/server.crt" ]] && [[ -n "${NGINX_HTTPS_PORT_NUMBER:-}" ]] && [[ ! -f "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" ]] && is_file_writable "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf"; then - cp "${BITNAMI_ROOT_DIR}/scripts/nginx/bitnami-templates/default-https-server-block.conf" "${NGINX_SERVER_BLOCKS_DIR}/default-https-server-block.conf" -fi - -# Initialize NGINX -nginx_initialize - diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh deleted file mode 100755 index 1dc8e8e746dd..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_not_running; then - "${NGINX_SBIN_DIR}/nginx" -c "$NGINX_CONF_FILE" - if ! retry_while "is_nginx_running"; then - error "nginx did not start" - error_code=1 - else - info "nginx started" - fi -else - info "nginx is already running" -fi - -exit "$error_code" diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh deleted file mode 100755 index 16b35ef1b0e8..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -if is_nginx_running; then - info "nginx is already running" -else - info "nginx is not running" -fi diff --git a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh b/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh deleted file mode 100755 index bc6f4f3fd8aa..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/rootfs/opt/bitnami/scripts/nginx/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libnginx.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load NGINX environment variables -. /opt/bitnami/scripts/nginx-env.sh - -error_code=0 - -if is_nginx_running; then - BITNAMI_QUIET=1 nginx_stop - if ! retry_while "is_nginx_not_running"; then - error "nginx could not be stopped" - error_code=1 - else - info "nginx stopped" - fi -else - info "nginx is not running" -fi - -exit "$error_code" diff --git a/bitnami/kubeapps-dashboard/2/debian-11/tags-info.yaml b/bitnami/kubeapps-dashboard/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-dashboard/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/Dockerfile b/bitnami/kubeapps-oci-catalog/2/debian-11/Dockerfile deleted file mode 100644 index ae868484f49f..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-20T08:51:36Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r32" \ - org.opencontainers.image.title="kubeapps-oci-catalog" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubeapps-oci-catalog-2.9.0-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-oci-catalog" \ - PATH="/opt/bitnami/kubeapps-oci-catalog/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubeapps-oci-catalog" ] -CMD [ "--help" ] diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index adbbb8f2da36..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubeapps-oci-catalog": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-4" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-oci-catalog/2/debian-11/tags-info.yaml b/bitnami/kubeapps-oci-catalog/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-oci-catalog/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/Dockerfile b/bitnami/kubeapps-pinniped-proxy/2/debian-11/Dockerfile deleted file mode 100644 index 5292dc660673..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:25:46Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.9.0-debian-11-r34" \ - org.opencontainers.image.title="kubeapps-pinniped-proxy" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.9.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 libssl1.1 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubeapps-pinniped-proxy-2.9.0-3-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="2.9.0" \ - BITNAMI_APP_NAME="kubeapps-pinniped-proxy" \ - PATH="/opt/bitnami/kubeapps-pinniped-proxy/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "pinniped-proxy" ] -CMD [ "--help" ] diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e575e265c4a4..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubeapps-pinniped-proxy": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.9.0-3" - } -} \ No newline at end of file diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubeapps-pinniped-proxy/2/debian-11/tags-info.yaml b/bitnami/kubeapps-pinniped-proxy/2/debian-11/tags-info.yaml deleted file mode 100644 index 6a4080a5f75e..000000000000 --- a/bitnami/kubeapps-pinniped-proxy/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.9.0 -- latest diff --git a/bitnami/kubectl/1.26/debian-11/Dockerfile b/bitnami/kubectl/1.26/debian-11/Dockerfile deleted file mode 100644 index 7ed761cc8a88..000000000000 --- a/bitnami/kubectl/1.26/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:57:43Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.26.14-debian-11-r6" \ - org.opencontainers.image.title="kubectl" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.26.14" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubectl-1.26.14-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir /.kube && chmod g+rwX /.kube -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.26.14" \ - BITNAMI_APP_NAME="kubectl" \ - PATH="/opt/bitnami/kubectl/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubectl" ] -CMD [ "--help" ] diff --git a/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 43d92396456c..000000000000 --- a/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubectl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.26.14-0" - } -} \ No newline at end of file diff --git a/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubectl/1.26/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubectl/1.26/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubectl/1.26/debian-11/tags-info.yaml b/bitnami/kubectl/1.26/debian-11/tags-info.yaml deleted file mode 100644 index 581ccc8481a7..000000000000 --- a/bitnami/kubectl/1.26/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.26" -- 1.26-debian-11 -- 1.26.14 diff --git a/bitnami/kubectl/1.27/debian-11/Dockerfile b/bitnami/kubectl/1.27/debian-11/Dockerfile deleted file mode 100644 index 80a34deea8a6..000000000000 --- a/bitnami/kubectl/1.27/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T12:38:37Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.27.11-debian-11-r5" \ - org.opencontainers.image.title="kubectl" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.27.11" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubectl-1.27.11-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir /.kube && chmod g+rwX /.kube -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.27.11" \ - BITNAMI_APP_NAME="kubectl" \ - PATH="/opt/bitnami/kubectl/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubectl" ] -CMD [ "--help" ] diff --git a/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 71be663ad856..000000000000 --- a/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubectl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.27.11-0" - } -} \ No newline at end of file diff --git a/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubectl/1.27/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubectl/1.27/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubectl/1.27/debian-11/tags-info.yaml b/bitnami/kubectl/1.27/debian-11/tags-info.yaml deleted file mode 100644 index 245a6e1b30fc..000000000000 --- a/bitnami/kubectl/1.27/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.27" -- 1.27-debian-11 -- 1.27.11 diff --git a/bitnami/kubectl/1.28/debian-11/Dockerfile b/bitnami/kubectl/1.28/debian-11/Dockerfile deleted file mode 100644 index 7aeff67a4847..000000000000 --- a/bitnami/kubectl/1.28/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:59:45Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.28.7-debian-11-r6" \ - org.opencontainers.image.title="kubectl" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.28.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubectl-1.28.7-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir /.kube && chmod g+rwX /.kube -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.28.7" \ - BITNAMI_APP_NAME="kubectl" \ - PATH="/opt/bitnami/kubectl/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubectl" ] -CMD [ "--help" ] diff --git a/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 48ac8fba8436..000000000000 --- a/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubectl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.28.7-0" - } -} \ No newline at end of file diff --git a/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubectl/1.28/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubectl/1.28/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubectl/1.28/debian-11/tags-info.yaml b/bitnami/kubectl/1.28/debian-11/tags-info.yaml deleted file mode 100644 index 3e0a6ff1f488..000000000000 --- a/bitnami/kubectl/1.28/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "1.28" -- 1.28-debian-11 -- 1.28.7 diff --git a/bitnami/kubectl/1.29/debian-11/Dockerfile b/bitnami/kubectl/1.29/debian-11/Dockerfile deleted file mode 100644 index 801ad13dbf4c..000000000000 --- a/bitnami/kubectl/1.29/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:29:47Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.29.2-debian-11-r5" \ - org.opencontainers.image.title="kubectl" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.29.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubectl-1.29.2-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN mkdir /.kube && chmod g+rwX /.kube -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.29.2" \ - BITNAMI_APP_NAME="kubectl" \ - PATH="/opt/bitnami/kubectl/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubectl" ] -CMD [ "--help" ] diff --git a/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b871bd241cca..000000000000 --- a/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubectl": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.29.2-0" - } -} \ No newline at end of file diff --git a/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubectl/1.29/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubectl/1.29/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubectl/1.29/debian-11/tags-info.yaml b/bitnami/kubectl/1.29/debian-11/tags-info.yaml deleted file mode 100644 index 3d03996b1450..000000000000 --- a/bitnami/kubectl/1.29/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1.29" -- 1.29-debian-11 -- 1.29.2 -- latest diff --git a/bitnami/kuberay-apiserver/1/debian-11/Dockerfile b/bitnami/kuberay-apiserver/1/debian-11/Dockerfile deleted file mode 100644 index 3864ac3a23d6..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:57:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.0.0-debian-11-r25" \ - org.opencontainers.image.title="kuberay-apiserver" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.0.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kuberay-apiserver-1.0.0-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root kuberay-apiserver -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.0.0" \ - BITNAMI_APP_NAME="kuberay-apiserver" \ - PATH="/opt/bitnami/kuberay-apiserver/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/kuberay-apiserver/bin/kuberay-apiserver" ] diff --git a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index ae1491a9af45..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kuberay-apiserver": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.0-4" - } -} \ No newline at end of file diff --git a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kuberay-apiserver/1/debian-11/tags-info.yaml b/bitnami/kuberay-apiserver/1/debian-11/tags-info.yaml deleted file mode 100644 index bb856c8a7b9b..000000000000 --- a/bitnami/kuberay-apiserver/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.0.0 -- latest diff --git a/bitnami/kuberay-operator/1/debian-11/Dockerfile b/bitnami/kuberay-operator/1/debian-11/Dockerfile deleted file mode 100644 index d9b66b3a1faa..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:33:30Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.0.0-debian-11-r27" \ - org.opencontainers.image.title="kuberay" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.0.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kuberay-1.0.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root kuberay -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.0.0" \ - BITNAMI_APP_NAME="kuberay" \ - PATH="/opt/bitnami/kuberay/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/kuberay/bin/manager" ] diff --git a/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0cfc8f4165a8..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kuberay": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.0-5" - } -} \ No newline at end of file diff --git a/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kuberay-operator/1/debian-11/tags-info.yaml b/bitnami/kuberay-operator/1/debian-11/tags-info.yaml deleted file mode 100644 index bb856c8a7b9b..000000000000 --- a/bitnami/kuberay-operator/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.0.0 -- latest diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/Dockerfile b/bitnami/kubernetes-event-exporter/1/debian-11/Dockerfile deleted file mode 100644 index e61e888cca81..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:59:11Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.6.1-debian-11-r27" \ - org.opencontainers.image.title="kubernetes-event-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.6.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubernetes-event-exporter-1.6.1-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="1.6.1" \ - BITNAMI_APP_NAME="kubernetes-event-exporter" \ - PATH="/opt/bitnami/kubernetes-event-exporter/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "kubernetes-event-exporter" ] -CMD [ "--help" ] diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 554038d41662..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubernetes-event-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.6.1-5" - } -} \ No newline at end of file diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubernetes-event-exporter/1/debian-11/tags-info.yaml b/bitnami/kubernetes-event-exporter/1/debian-11/tags-info.yaml deleted file mode 100644 index 817e36b64569..000000000000 --- a/bitnami/kubernetes-event-exporter/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.6.1 -- latest diff --git a/bitnami/kubescape/3/debian-11/Dockerfile b/bitnami/kubescape/3/debian-11/Dockerfile deleted file mode 100644 index 7c28613446dd..000000000000 --- a/bitnami/kubescape/3/debian-11/Dockerfile +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T16:59:01Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="3.0.3-debian-11-r3" \ - org.opencontainers.image.title="kubescape" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="3.0.3" - -ENV HOME="/opt/bitnami/kubescape" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" \ - PATH="/opt/bitnami/kubescape/bin:$PATH" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "kubescape-3.0.3-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/kubescape/postunpack.sh -ENV APP_VERSION="3.0.3" \ - BITNAMI_APP_NAME="kubescape" - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/kubescape/entrypoint.sh" ] -CMD [ "--help" ] diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 887170381e5a..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "kubescape": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.0.3-0" - } -} \ No newline at end of file diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/kubescape/3/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape-env.sh b/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape-env.sh deleted file mode 100644 index 18067cbfefa4..000000000000 --- a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape-env.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for kubescape - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-kubescape}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# Paths -export KUBESCAPE_BASE_DIR="${BITNAMI_ROOT_DIR}/kubescape" -export KUBESCAPE_CACHE_DIR="${KUBESCAPE_BASE_DIR}/.cache" -export KUBESCAPE_ARTIFACTS_DIR="${KUBESCAPE_BASE_DIR}/.kubescape" -export TANZU_APPLICATION_CATALOG_FILE="${KUBESCAPE_BASE_DIR}/bitnami-catalog.json" - -# Custom environment variables may be defined below diff --git a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/entrypoint.sh b/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/entrypoint.sh deleted file mode 100755 index f26a05470b25..000000000000 --- a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/entrypoint.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libkubescape.sh - -# Load Kubescape environment variables -. /opt/bitnami/scripts/kubescape-env.sh - -# Custom action that performs Bitnami OSS assessment -if [[ "$1" = "oss-assessment" ]]; then - kubescape_oss_assessment "$@" -else - exec "kubescape" "$@" -fi - diff --git a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/postunpack.sh b/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/postunpack.sh deleted file mode 100755 index 4b311f34af65..000000000000 --- a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/kubescape/postunpack.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -. /opt/bitnami/scripts/libos.sh - -# Load Kubescape environment variables -. /opt/bitnami/scripts/kubescape-env.sh - -# Download Tanzu Application Catalog list, required for 'oss-assessment' custom action -curl --fail -sLo "${TANZU_APPLICATION_CATALOG_FILE}" "https://api.app-catalog.vmware.com/v1/applications?scope=COMMON&scope=ONLY_CUSTOMERS" - -# Configuring permissions for tmp and logs folders -for dir in "$KUBESCAPE_CACHE_DIR" "$KUBESCAPE_ARTIFACTS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -g "root" -d "775" -f "664" -done - -# Download kubescape artifacts -# Also ensure permissions are properly configured -kubescape download artifacts -configure_permissions_ownership "$KUBESCAPE_ARTIFACTS_DIR" -g "root" -d "775" -f "664" diff --git a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/libkubescape.sh b/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/libkubescape.sh deleted file mode 100644 index 2b90522e6f60..000000000000 --- a/bitnami/kubescape/3/debian-11/rootfs/opt/bitnami/scripts/libkubescape.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Laravel library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Load Kubescape environment variables -. /opt/bitnami/scripts/kubescape-env.sh - - - -kubescape_oss_assessment() { - local project="${2:?missing project argument}" - - if [[ -f "${TANZU_APPLICATION_CATALOG_FILE}" ]]; then - TAC_PRODUCTS=$(jq -r '.[].product.key' "$TANZU_APPLICATION_CATALOG_FILE") - else - error "The Bitnami Catalog JSON file is missing: ${TANZU_APPLICATION_CATALOG_FILE}" - fi - - # By default, all logging outputs are omitted so the command only prints the command result. - # TODO: Add options -o/--output and -l/--logger, so users can either configure a output file and/or custom log level - - debug "Running kubescape scan" - # Run Kubescape scan for the provided project and add custom field 'security' - KUBESCAPE_OUTPUT="$(kubescape scan "$project" --format=json 2> /dev/null | jq '.security = []')" - - debug "Searching images available in Tanzu Application Catalog" - - local -a matching_images - readarray -t project_images < <(echo "$KUBESCAPE_OUTPUT" | jq -r '.resources[]?.object?.spec?.template?.spec?.containers[]?.image') - - for image in "${project_images[@]}"; do - debug "Found image: $image" - # Search for applications available in the Tanzu Application Catalog - for tac_image in $TAC_PRODUCTS; do - # If application is available in TAC, run vulnerability scan for the image and append its result to the Kubescape output - if [[ $image =~ $tac_image ]]; then - debug "Found Tanzu Application Catalog image matching! Adding image '${image}' to the scanning list" - matching_images+=("$image") - break - fi - done - done - - # Filter out duplicated images - read -r -a unique_matching_images <<< "$(echo "${matching_images[@]}" | tr ' ' '\n' | sort -u | tr '\n' ' ')" - - # For each image available in TAC, add a vulnerability report to the original project scan - for image in "${unique_matching_images[@]}"; do - KUBESCAPE_IMAGE_VULNS="$(kubescape scan image "$image" --format=json --logger error | jq --arg image "$image" '{imageID: $image, vulnerabilities: [.matches[].vulnerability | {id, severity}]}')" - KUBESCAPE_OUTPUT="$(jq '.security += [input]' <(echo "$KUBESCAPE_OUTPUT") <(echo "$KUBESCAPE_IMAGE_VULNS"))" - done - - debug "OSS Assessment report successfully generated" - echo "$KUBESCAPE_OUTPUT" -} diff --git a/bitnami/kubescape/3/debian-11/tags-info.yaml b/bitnami/kubescape/3/debian-11/tags-info.yaml deleted file mode 100644 index 3344b55a1d8c..000000000000 --- a/bitnami/kubescape/3/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "3" -- 3-debian-11 -- 3.0.3 -- latest diff --git a/bitnami/laravel/10/debian-11/Dockerfile b/bitnami/laravel/10/debian-11/Dockerfile deleted file mode 100644 index a3ae611f3f2e..000000000000 --- a/bitnami/laravel/10/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:02:08Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.3.3-debian-11-r9" \ - org.opencontainers.image.title="laravel" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.3.3" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libonig5 libp11-kit0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libtirpc3 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 procps sqlite3 sudo zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "php-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "laravel-10.3.3-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN /build/bitnami-user.sh -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/laravel/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -ENV APP_VERSION="10.3.3" \ - BITNAMI_APP_NAME="laravel" \ - NODE_PATH="/opt/bitnami/node/lib/node_modules" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/node/bin:$PATH" \ - PHP_ENABLE_OPCACHE="0" - -EXPOSE 3000 8000 - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/laravel/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/laravel/run.sh" ] diff --git a/bitnami/laravel/10/debian-11/prebuildfs/build/bitnami-user.sh b/bitnami/laravel/10/debian-11/prebuildfs/build/bitnami-user.sh deleted file mode 100755 index 45dcdc0bab29..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/build/bitnami-user.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -useradd -ms /bin/bash bitnami -mkdir -p /opt/bitnami -sed -i -e 's/\s*Defaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers -echo 'bitnami ALL=NOPASSWD: ALL' >> /etc/sudoers diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4a2433f20493..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "laravel": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.3.3-0" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/laravel/10/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh deleted file mode 100644 index a6d8eb5d23dc..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for laravel - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-laravel}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -laravel_env_vars=( - LARAVEL_PORT_NUMBER - LARAVEL_SKIP_COMPOSER_UPDATE - LARAVEL_SKIP_DATABASE - LARAVEL_DATABASE_TYPE - LARAVEL_DATABASE_HOST - LARAVEL_DATABASE_PORT_NUMBER - LARAVEL_DATABASE_NAME - LARAVEL_DATABASE_USER - LARAVEL_DATABASE_PASSWORD - SKIP_COMPOSER_UPDATE - DB_CONNECTION - DB_HOST - DB_PORT - DB_DATABASE - DB_USERNAME - DB_PASSWORD -) -for env_var in "${laravel_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset laravel_env_vars - -# Paths -export LARAVEL_BASE_DIR="${BITNAMI_ROOT_DIR}/laravel" - -# Laravel configuration -export LARAVEL_PORT_NUMBER="${LARAVEL_PORT_NUMBER:-8000}" -LARAVEL_SKIP_COMPOSER_UPDATE="${LARAVEL_SKIP_COMPOSER_UPDATE:-"${SKIP_COMPOSER_UPDATE:-}"}" -export LARAVEL_SKIP_COMPOSER_UPDATE="${LARAVEL_SKIP_COMPOSER_UPDATE:-no}" -export LARAVEL_SKIP_DATABASE="${LARAVEL_SKIP_DATABASE:-no}" # only used during the first initialization - -# Database configuration -LARAVEL_DATABASE_TYPE="${LARAVEL_DATABASE_TYPE:-"${DB_CONNECTION:-}"}" -export LARAVEL_DATABASE_TYPE="${LARAVEL_DATABASE_TYPE:-mysql}" -export DB_CONNECTION="$LARAVEL_DATABASE_TYPE" # only used during the first initialization -LARAVEL_DATABASE_HOST="${LARAVEL_DATABASE_HOST:-"${DB_HOST:-}"}" -export LARAVEL_DATABASE_HOST="${LARAVEL_DATABASE_HOST:-mariadb}" -export DB_HOST="$LARAVEL_DATABASE_HOST" # only used during the first initialization -LARAVEL_DATABASE_PORT_NUMBER="${LARAVEL_DATABASE_PORT_NUMBER:-"${DB_PORT:-}"}" -export LARAVEL_DATABASE_PORT_NUMBER="${LARAVEL_DATABASE_PORT_NUMBER:-3306}" -export DB_PORT="$LARAVEL_DATABASE_PORT_NUMBER" # only used during the first initialization -LARAVEL_DATABASE_NAME="${LARAVEL_DATABASE_NAME:-"${DB_DATABASE:-}"}" -export LARAVEL_DATABASE_NAME="${LARAVEL_DATABASE_NAME:-bitnami_myapp}" -export DB_DATABASE="$LARAVEL_DATABASE_NAME" # only used during the first initialization -LARAVEL_DATABASE_USER="${LARAVEL_DATABASE_USER:-"${DB_USERNAME:-}"}" -export LARAVEL_DATABASE_USER="${LARAVEL_DATABASE_USER:-bn_myapp}" -export DB_USERNAME="$LARAVEL_DATABASE_USER" # only used during the first initialization -LARAVEL_DATABASE_PASSWORD="${LARAVEL_DATABASE_PASSWORD:-"${DB_PASSWORD:-}"}" -export LARAVEL_DATABASE_PASSWORD="${LARAVEL_DATABASE_PASSWORD:-}" -export DB_PASSWORD="$LARAVEL_DATABASE_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh deleted file mode 100755 index b9b355cf63cc..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/laravel/run.sh"* ]]; then - info "** Running Laravel setup **" - /opt/bitnami/scripts/php/setup.sh - /opt/bitnami/scripts/laravel/setup.sh - /post-init.sh - info "** Laravel setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh deleted file mode 100755 index 051d05702315..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -# Ensure required directories exist -ensure_dir_exists "/app" -configure_permissions_ownership "/app" -d "775" -f "664" diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh deleted file mode 100755 index cf22f6dfbd49..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libservice.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -cd /app - -declare -a start_flags=("artisan" "serve" "--host=0.0.0.0" "--port=${LARAVEL_PORT_NUMBER}") -start_flags+=("$@") - -info "** Starting Laravel project **" -php "${start_flags[@]}" diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh deleted file mode 100755 index 2342ed5070d1..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -# Ensure Laravel environment variables are valid -laravel_validate - -# Ensure Laravel app is initialized -laravel_initialize - -# Ensure all folders in /app are writable by the non-root "bitnami" user -chown -R bitnami:bitnami /app diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh deleted file mode 100644 index dc2995dfc031..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh +++ /dev/null @@ -1,104 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Laravel library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in LARAVEL_* env vars -# Globals: -# LARAVEL_* -# Arguments: -# None -# Returns: -# None -######################### -laravel_validate() { - info "Validating settings in LARAVEL_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - check_yes_no_value "LARAVEL_SKIP_COMPOSER_UPDATE" - check_yes_no_value "LARAVEL_SKIP_DATABASE" - - # Database configuration validations - check_resolved_hostname "$LARAVEL_DATABASE_HOST" - check_valid_port "LARAVEL_DATABASE_PORT_NUMBER" - - return "$error_code" -} - -######################## -# Ensure the Laravel app is initialized -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -laravel_initialize() { - if is_dir_empty "/app"; then - info "Creating Laravel application in /app" - cp -r "${LARAVEL_BASE_DIR}/." . - - info "Regenerating APP_KEY" - debug_execute php artisan key:generate --ansi - - if ! is_boolean_yes "$LARAVEL_SKIP_COMPOSER_UPDATE"; then - log "Updating dependencies" - debug_execute composer update - fi - - info "Trying to connect to the database server" - if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${LARAVEL_DATABASE_HOST} ${LARAVEL_DATABASE_PORT_NUMBER}"; then - error "Could not connect to the database" - return 1 - fi - - info "Executing database migrations" - debug_execute php artisan migrate - else - info "An existing project was detected, skipping project creation" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/laravel/10/debian-11/rootfs/post-init.d/php.sh b/bitnami/laravel/10/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/laravel/10/debian-11/rootfs/post-init.d/shell.sh b/bitnami/laravel/10/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/laravel/10/debian-11/rootfs/post-init.sh b/bitnami/laravel/10/debian-11/rootfs/post-init.sh deleted file mode 100755 index 514c691870b4..000000000000 --- a/bitnami/laravel/10/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/laravel/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/laravel/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/laravel" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/laravel/.user_scripts_initialized" -fi diff --git a/bitnami/laravel/10/debian-11/tags-info.yaml b/bitnami/laravel/10/debian-11/tags-info.yaml deleted file mode 100644 index 03a3035f550c..000000000000 --- a/bitnami/laravel/10/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "10" -- 10-debian-11 -- 10.3.3 -- latest diff --git a/bitnami/laravel/9/debian-11/Dockerfile b/bitnami/laravel/9/debian-11/Dockerfile deleted file mode 100644 index 373713eb8050..000000000000 --- a/bitnami/laravel/9/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:01:58Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="9.5.2-debian-11-r151" \ - org.opencontainers.image.title="laravel" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="9.5.2" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libonig5 libp11-kit0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libtirpc3 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 procps sqlite3 sudo zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "php-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "node-18.19.1-0-linux-${OS_ARCH}-debian-11" \ - "laravel-9.5.2-13-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN /build/bitnami-user.sh -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/laravel/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -ENV APP_VERSION="9.5.2" \ - BITNAMI_APP_NAME="laravel" \ - NODE_PATH="/opt/bitnami/node/lib/node_modules" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/node/bin:$PATH" \ - PHP_ENABLE_OPCACHE="0" - -EXPOSE 3000 8000 - -WORKDIR /app -ENTRYPOINT [ "/opt/bitnami/scripts/laravel/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/laravel/run.sh" ] diff --git a/bitnami/laravel/9/debian-11/prebuildfs/build/bitnami-user.sh b/bitnami/laravel/9/debian-11/prebuildfs/build/bitnami-user.sh deleted file mode 100755 index 45dcdc0bab29..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/build/bitnami-user.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -useradd -ms /bin/bash bitnami -mkdir -p /opt/bitnami -sed -i -e 's/\s*Defaults\s*secure_path\s*=/# Defaults secure_path=/' /etc/sudoers -echo 'bitnami ALL=NOPASSWD: ALL' >> /etc/sudoers diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4a6ffedf96b7..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "laravel": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "9.5.2-13" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "18.19.1-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/laravel/9/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh deleted file mode 100644 index a6d8eb5d23dc..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel-env.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for laravel - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-laravel}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -laravel_env_vars=( - LARAVEL_PORT_NUMBER - LARAVEL_SKIP_COMPOSER_UPDATE - LARAVEL_SKIP_DATABASE - LARAVEL_DATABASE_TYPE - LARAVEL_DATABASE_HOST - LARAVEL_DATABASE_PORT_NUMBER - LARAVEL_DATABASE_NAME - LARAVEL_DATABASE_USER - LARAVEL_DATABASE_PASSWORD - SKIP_COMPOSER_UPDATE - DB_CONNECTION - DB_HOST - DB_PORT - DB_DATABASE - DB_USERNAME - DB_PASSWORD -) -for env_var in "${laravel_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset laravel_env_vars - -# Paths -export LARAVEL_BASE_DIR="${BITNAMI_ROOT_DIR}/laravel" - -# Laravel configuration -export LARAVEL_PORT_NUMBER="${LARAVEL_PORT_NUMBER:-8000}" -LARAVEL_SKIP_COMPOSER_UPDATE="${LARAVEL_SKIP_COMPOSER_UPDATE:-"${SKIP_COMPOSER_UPDATE:-}"}" -export LARAVEL_SKIP_COMPOSER_UPDATE="${LARAVEL_SKIP_COMPOSER_UPDATE:-no}" -export LARAVEL_SKIP_DATABASE="${LARAVEL_SKIP_DATABASE:-no}" # only used during the first initialization - -# Database configuration -LARAVEL_DATABASE_TYPE="${LARAVEL_DATABASE_TYPE:-"${DB_CONNECTION:-}"}" -export LARAVEL_DATABASE_TYPE="${LARAVEL_DATABASE_TYPE:-mysql}" -export DB_CONNECTION="$LARAVEL_DATABASE_TYPE" # only used during the first initialization -LARAVEL_DATABASE_HOST="${LARAVEL_DATABASE_HOST:-"${DB_HOST:-}"}" -export LARAVEL_DATABASE_HOST="${LARAVEL_DATABASE_HOST:-mariadb}" -export DB_HOST="$LARAVEL_DATABASE_HOST" # only used during the first initialization -LARAVEL_DATABASE_PORT_NUMBER="${LARAVEL_DATABASE_PORT_NUMBER:-"${DB_PORT:-}"}" -export LARAVEL_DATABASE_PORT_NUMBER="${LARAVEL_DATABASE_PORT_NUMBER:-3306}" -export DB_PORT="$LARAVEL_DATABASE_PORT_NUMBER" # only used during the first initialization -LARAVEL_DATABASE_NAME="${LARAVEL_DATABASE_NAME:-"${DB_DATABASE:-}"}" -export LARAVEL_DATABASE_NAME="${LARAVEL_DATABASE_NAME:-bitnami_myapp}" -export DB_DATABASE="$LARAVEL_DATABASE_NAME" # only used during the first initialization -LARAVEL_DATABASE_USER="${LARAVEL_DATABASE_USER:-"${DB_USERNAME:-}"}" -export LARAVEL_DATABASE_USER="${LARAVEL_DATABASE_USER:-bn_myapp}" -export DB_USERNAME="$LARAVEL_DATABASE_USER" # only used during the first initialization -LARAVEL_DATABASE_PASSWORD="${LARAVEL_DATABASE_PASSWORD:-"${DB_PASSWORD:-}"}" -export LARAVEL_DATABASE_PASSWORD="${LARAVEL_DATABASE_PASSWORD:-}" -export DB_PASSWORD="$LARAVEL_DATABASE_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh deleted file mode 100755 index b9b355cf63cc..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/entrypoint.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/laravel/run.sh"* ]]; then - info "** Running Laravel setup **" - /opt/bitnami/scripts/php/setup.sh - /opt/bitnami/scripts/laravel/setup.sh - /post-init.sh - info "** Laravel setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh deleted file mode 100755 index 051d05702315..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/postunpack.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -# Ensure required directories exist -ensure_dir_exists "/app" -configure_permissions_ownership "/app" -d "775" -f "664" diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh deleted file mode 100755 index cf22f6dfbd49..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/run.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libservice.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -cd /app - -declare -a start_flags=("artisan" "serve" "--host=0.0.0.0" "--port=${LARAVEL_PORT_NUMBER}") -start_flags+=("$@") - -info "** Starting Laravel project **" -php "${start_flags[@]}" diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh deleted file mode 100755 index 2342ed5070d1..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/laravel/setup.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblaravel.sh - -# Load Laravel environment -. /opt/bitnami/scripts/laravel-env.sh - -# Ensure Laravel environment variables are valid -laravel_validate - -# Ensure Laravel app is initialized -laravel_initialize - -# Ensure all folders in /app are writable by the non-root "bitnami" user -chown -R bitnami:bitnami /app diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh deleted file mode 100644 index dc2995dfc031..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/liblaravel.sh +++ /dev/null @@ -1,104 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Laravel library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in LARAVEL_* env vars -# Globals: -# LARAVEL_* -# Arguments: -# None -# Returns: -# None -######################### -laravel_validate() { - info "Validating settings in LARAVEL_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate user inputs - check_yes_no_value "LARAVEL_SKIP_COMPOSER_UPDATE" - check_yes_no_value "LARAVEL_SKIP_DATABASE" - - # Database configuration validations - check_resolved_hostname "$LARAVEL_DATABASE_HOST" - check_valid_port "LARAVEL_DATABASE_PORT_NUMBER" - - return "$error_code" -} - -######################## -# Ensure the Laravel app is initialized -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -laravel_initialize() { - if is_dir_empty "/app"; then - info "Creating Laravel application in /app" - cp -r "${LARAVEL_BASE_DIR}/." . - - info "Regenerating APP_KEY" - debug_execute php artisan key:generate --ansi - - if ! is_boolean_yes "$LARAVEL_SKIP_COMPOSER_UPDATE"; then - log "Updating dependencies" - debug_execute composer update - fi - - info "Trying to connect to the database server" - if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${LARAVEL_DATABASE_HOST} ${LARAVEL_DATABASE_PORT_NUMBER}"; then - error "Could not connect to the database" - return 1 - fi - - info "Executing database migrations" - debug_execute php artisan migrate - else - info "An existing project was detected, skipping project creation" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/laravel/9/debian-11/rootfs/post-init.d/php.sh b/bitnami/laravel/9/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/laravel/9/debian-11/rootfs/post-init.d/shell.sh b/bitnami/laravel/9/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/laravel/9/debian-11/rootfs/post-init.sh b/bitnami/laravel/9/debian-11/rootfs/post-init.sh deleted file mode 100755 index 514c691870b4..000000000000 --- a/bitnami/laravel/9/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/laravel/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/laravel/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/laravel" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/laravel/.user_scripts_initialized" -fi diff --git a/bitnami/laravel/9/debian-11/tags-info.yaml b/bitnami/laravel/9/debian-11/tags-info.yaml deleted file mode 100644 index 653594618ed9..000000000000 --- a/bitnami/laravel/9/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "9" -- 9-debian-11 -- 9.5.2 diff --git a/bitnami/logstash/7/debian-11/Dockerfile b/bitnami/logstash/7/debian-11/Dockerfile deleted file mode 100644 index 74699db82e6e..000000000000 --- a/bitnami/logstash/7/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG LOGSTASH_PLUGINS -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T12:43:14Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="7.17.18-debian-11-r18" \ - org.opencontainers.image.title="logstash" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="7.17.18" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "logstash-7.17.18-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/logstash/postunpack.sh -ENV APP_VERSION="7.17.18" \ - BITNAMI_APP_NAME="logstash" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/logstash/bin:$PATH" - -EXPOSE 8080 - -WORKDIR /opt/bitnami/logstash -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/logstash/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/logstash/run.sh" ] diff --git a/bitnami/logstash/7/debian-11/docker-compose.yml b/bitnami/logstash/7/debian-11/docker-compose.yml deleted file mode 100644 index 68f66ad5dc0a..000000000000 --- a/bitnami/logstash/7/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - logstash: - image: docker.io/bitnami/logstash:7 - ports: - - 8080:8080 - volumes: - - logstash_data:/bitnami -volumes: - logstash_data: - driver: local diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index d4f1f15472b0..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "logstash": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.17.18-0" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/logstash/7/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh deleted file mode 100644 index 93ea56e005c7..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh +++ /dev/null @@ -1,379 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Logstash library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in Logstash environment variables -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_validate() { - debug "Validating settings in LOGSTASH_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - check_resolved_hostname "$LOGSTASH_BIND_ADDRESS" - check_yes_no_value "LOGSTASH_EXPOSE_API" - check_valid_port "LOGSTASH_API_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_MULTIPLE_PIPELINES" - - # Pipeline configuration parameters - # Inputs - check_yes_no_value "LOGSTASH_ENABLE_BEATS_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_BEATS_INPUT" && check_valid_port "LOGSTASH_BEATS_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_GELF_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_GELF_INPUT" && check_valid_port "LOGSTASH_GELF_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_HTTP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_HTTP_INPUT" && check_valid_port "LOGSTASH_HTTP_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_TCP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_TCP_INPUT" && check_valid_port "LOGSTASH_TCP_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_UDP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_UDP_INPUT" && check_valid_port "LOGSTASH_UDP_PORT_NUMBER" - # Outputs - check_yes_no_value "LOGSTASH_ENABLE_STDOUT_OUTPUT" - check_yes_no_value "LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT" - if is_boolean_yes "$LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT"; then - check_resolved_hostname "$LOGSTASH_ELASTICSEARCH_HOST" - check_valid_port "LOGSTASH_ELASTICSEARCH_PORT_NUMBER" - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Create sample config file -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_create_sample_pipeline_config_file() { - # Default supported inputs/outputs come from historic Bitnami defaults - # Configuration reference: https://www.elastic.co/guide/en/logstash/current/config-examples.html - info "Creating sample config file" - local inputs="" - local outputs="" - # Parse inputs - if is_boolean_yes "$LOGSTASH_ENABLE_BEATS_INPUT"; then - inputs+=$'\n'"beats { - ssl => false - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_BEATS_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_GELF_INPUT"; then - inputs+=$'\n'"gelf { - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_GELF_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_HTTP_INPUT"; then - inputs+=$'\n'"http { - ssl => false - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_HTTP_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_TCP_INPUT"; then - inputs+=$'\n'"tcp { - mode => \"server\" - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_TCP_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_UDP_INPUT"; then - inputs+=$'\n'"udp { - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_UDP_PORT_NUMBER} -}" - fi - # Parse outputs - is_boolean_yes "$LOGSTASH_ENABLE_STDOUT_OUTPUT" && outputs+=$'\n'"stdout { }" - if is_boolean_yes "$LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT"; then - outputs+=$'\n'"elasticsearch { - hosts => [\"${LOGSTASH_ELASTICSEARCH_HOST}:${LOGSTASH_ELASTICSEARCH_PORT_NUMBER}\"] - document_id => \"%{logstash_checksum}\" - index => \"logstash-%{+YYYY.MM.dd}\" -}" - fi - # Indent and add newline so it looks good - [[ -n "$inputs" ]] && inputs="$(indent "$inputs" 2)"$'\n' - [[ -n "$outputs" ]] && outputs="$(indent "$outputs" 2)"$'\n' - # Create the configuration file - cat >"$LOGSTASH_PIPELINE_CONF_FILE" <"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$conf_file" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$conf_file" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$conf_file" -} - -######################## -# Ensure Logstash is initialized -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_initialize() { - info "Initializing Logstash" - - logstash_set_heap_size - - # Based on naming from https://www.elastic.co/guide/en/logstash/current/config-setting-files.html - if ! is_mounted_dir_empty "$LOGSTASH_MOUNTED_CONF_DIR"; then - info "Mounted setting files detected" - cp -Lr "$LOGSTASH_MOUNTED_CONF_DIR"/. "$LOGSTASH_CONF_DIR" - fi - - if is_boolean_yes "$LOGSTASH_EXPOSE_API"; then - if is_file_writable "$LOGSTASH_CONF_FILE"; then - info "Enabling Logstash API endpoint" - logstash_yml_set "$LOGSTASH_CONF_FILE" '"api.http.host"' "$LOGSTASH_BIND_ADDRESS" - logstash_yml_set "$LOGSTASH_CONF_FILE" '"api.http.port"' "$LOGSTASH_API_PORT_NUMBER" - else - warn "The Logstash configuration file '${LOGSTASH_CONF_FILE}' is not writable. Configurations based on environment variables will be passed as command-line arguments instead." - fi - fi - - if is_boolean_yes "$LOGSTASH_ENABLE_MULTIPLE_PIPELINES"; then - if [[ -e "${LOGSTASH_MOUNTED_CONF_DIR}/pipelines.yml" ]]; then - info "Detected mounted 'pipelines.yml' configuration file for multiple pipelines" - else - logstash_create_sample_pipelines_yml_file - fi - fi - - # Skip further configuration if Logstash pipeline configuration was passed as a string - [[ -n "$LOGSTASH_PIPELINE_CONF_STRING" ]] && return - - if ! is_mounted_dir_empty "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR"; then - info "Detected mounted pipeline configuration files" - cp -Lr "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR"/* "$LOGSTASH_PIPELINE_CONF_DIR" - elif [[ -e "${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" ]]; then - # Support for legacy configuration before configurations were separated into 'config' and 'pipeline' - warn "Detected mounted '${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}' pipeline configuration file in legacy directory." - warn "Support for this configuration may be deprecated in a future version of this image. Please mount the pipeline files to '${LOGSTASH_MOUNTED_PIPELINE_CONF_DIR}' instead." - cp -Lr "${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" "$LOGSTASH_PIPELINE_CONF_DIR" - elif is_dir_empty "$LOGSTASH_PIPELINE_CONF_DIR"; then - logstash_create_sample_pipeline_config_file - else - info "Detected existing files in '${LOGSTASH_PIPELINE_CONF_DIR}', skipping sample pipeline generation" - fi -} - -######################## -# Check if Logstash is running -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_logstash_running() { - # Logstash does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "org.logstash.Logstash" >"$LOGSTASH_PID_FILE" - - local pid - pid="$(get_pid_from_file "$LOGSTASH_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Logstash is not running -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_logstash_not_running() { - ! is_logstash_running - return "$?" -} - -######################## -# Stop Logstash -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -logstash_stop() { - ! is_logstash_running && return - debug "Stopping Logstash" - stop_service_using_pid "$LOGSTASH_PID_FILE" -} - -######################## -# Install Logstash plugins -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_install_plugins() { - read -r -a plugins_list <<<"$(tr ',;' ' ' <<<"$LOGSTASH_PLUGINS")" - - # Skip if there isn't any plugin to install - [[ -z "${plugins_list[*]:-}" ]] && return - - # Install plugins - info "Installing plugins: ${plugins_list[*]}" - for plugin in "${plugins_list[@]}"; do - debug "Installing plugin: ${plugin}" - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - logstash-plugin install "$plugin" - else - logstash-plugin install "$plugin" >/dev/null 2>&1 - fi - done -} diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh deleted file mode 100644 index 41075b40cc98..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for logstash - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-logstash}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -logstash_env_vars=( - LOGSTASH_PIPELINE_CONF_FILENAME - LOGSTASH_BIND_ADDRESS - LOGSTASH_EXPOSE_API - LOGSTASH_API_PORT_NUMBER - LOGSTASH_PIPELINE_CONF_STRING - LOGSTASH_PLUGINS - LOGSTASH_EXTRA_FLAGS - LOGSTASH_HEAP_SIZE - LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE - LOGSTASH_MAX_ALLOWED_MEMORY - LOGSTASH_ENABLE_MULTIPLE_PIPELINES - LOGSTASH_ENABLE_BEATS_INPUT - LOGSTASH_BEATS_PORT_NUMBER - LOGSTASH_ENABLE_GELF_INPUT - LOGSTASH_GELF_PORT_NUMBER - LOGSTASH_ENABLE_HTTP_INPUT - LOGSTASH_HTTP_PORT_NUMBER - LOGSTASH_ENABLE_TCP_INPUT - LOGSTASH_TCP_PORT_NUMBER - LOGSTASH_ENABLE_UDP_INPUT - LOGSTASH_UDP_PORT_NUMBER - LOGSTASH_ENABLE_STDOUT_OUTPUT - LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT - LOGSTASH_ELASTICSEARCH_HOST - LOGSTASH_ELASTICSEARCH_PORT_NUMBER - LOGSTASH_CONF_FILENAME - LOGSTASH_CONF_STRING - LOGSTASH_EXTRA_ARGS -) -for env_var in "${logstash_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset logstash_env_vars - -# Paths -export LOGSTASH_BASE_DIR="/opt/bitnami/logstash" -export LOGSTASH_CONF_DIR="${LOGSTASH_BASE_DIR}/config" -export LOGSTASH_PIPELINE_CONF_DIR="${LOGSTASH_BASE_DIR}/pipeline" -export LOGSTASH_BIN_DIR="${LOGSTASH_BASE_DIR}/bin" -export LOGSTASH_CONF_FILE="${LOGSTASH_CONF_DIR}/logstash.yml" -LOGSTASH_PIPELINE_CONF_FILENAME="${LOGSTASH_PIPELINE_CONF_FILENAME:-"${LOGSTASH_CONF_FILENAME:-}"}" -export LOGSTASH_PIPELINE_CONF_FILENAME="${LOGSTASH_PIPELINE_CONF_FILENAME:-logstash.conf}" -export LOGSTASH_PIPELINE_CONF_FILE="${LOGSTASH_PIPELINE_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" -export LOGSTASH_VOLUME_DIR="/bitnami/logstash" -export LOGSTASH_DATA_DIR="${LOGSTASH_VOLUME_DIR}/data" -export LOGSTASH_MOUNTED_CONF_DIR="${LOGSTASH_VOLUME_DIR}/config" -export LOGSTASH_MOUNTED_PIPELINE_CONF_DIR="${LOGSTASH_VOLUME_DIR}/pipeline" - -# System users (when running with a privileged user) -export LOGSTASH_DAEMON_USER="logstash" -export LOGSTASH_DAEMON_GROUP="logstash" - -# Logstash configuration -export LOGSTASH_BIND_ADDRESS="${LOGSTASH_BIND_ADDRESS:-0.0.0.0}" -export LOGSTASH_EXPOSE_API="${LOGSTASH_EXPOSE_API:-no}" -export LOGSTASH_API_PORT_NUMBER="${LOGSTASH_API_PORT_NUMBER:-9600}" -LOGSTASH_PIPELINE_CONF_STRING="${LOGSTASH_PIPELINE_CONF_STRING:-"${LOGSTASH_CONF_STRING:-}"}" -export LOGSTASH_PIPELINE_CONF_STRING="${LOGSTASH_PIPELINE_CONF_STRING:-}" -export LOGSTASH_PLUGINS="${LOGSTASH_PLUGINS:-}" -LOGSTASH_EXTRA_FLAGS="${LOGSTASH_EXTRA_FLAGS:-"${LOGSTASH_EXTRA_ARGS:-}"}" -export LOGSTASH_EXTRA_FLAGS="${LOGSTASH_EXTRA_FLAGS:-}" -export LOGSTASH_HEAP_SIZE="${LOGSTASH_HEAP_SIZE:-1024m}" -export LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE="${LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE:-100}" -export LOGSTASH_MAX_ALLOWED_MEMORY="${LOGSTASH_MAX_ALLOWED_MEMORY:-}" - -# Logstash pipeline configuration -export LOGSTASH_ENABLE_MULTIPLE_PIPELINES="${LOGSTASH_ENABLE_MULTIPLE_PIPELINES:-no}" -export LOGSTASH_ENABLE_BEATS_INPUT="${LOGSTASH_ENABLE_BEATS_INPUT:-no}" -export LOGSTASH_BEATS_PORT_NUMBER="${LOGSTASH_BEATS_PORT_NUMBER:-5044}" -export LOGSTASH_ENABLE_GELF_INPUT="${LOGSTASH_ENABLE_GELF_INPUT:-no}" -export LOGSTASH_GELF_PORT_NUMBER="${LOGSTASH_GELF_PORT_NUMBER:-12201}" -export LOGSTASH_ENABLE_HTTP_INPUT="${LOGSTASH_ENABLE_HTTP_INPUT:-yes}" -export LOGSTASH_HTTP_PORT_NUMBER="${LOGSTASH_HTTP_PORT_NUMBER:-8080}" -export LOGSTASH_ENABLE_TCP_INPUT="${LOGSTASH_ENABLE_TCP_INPUT:-no}" -export LOGSTASH_TCP_PORT_NUMBER="${LOGSTASH_TCP_PORT_NUMBER:-5010}" -export LOGSTASH_ENABLE_UDP_INPUT="${LOGSTASH_ENABLE_UDP_INPUT:-no}" -export LOGSTASH_UDP_PORT_NUMBER="${LOGSTASH_UDP_PORT_NUMBER:-5000}" -export LOGSTASH_ENABLE_STDOUT_OUTPUT="${LOGSTASH_ENABLE_STDOUT_OUTPUT:-yes}" -export LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT="${LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT:-no}" -export LOGSTASH_ELASTICSEARCH_HOST="${LOGSTASH_ELASTICSEARCH_HOST:-elasticsearch}" -export LOGSTASH_ELASTICSEARCH_PORT_NUMBER="${LOGSTASH_ELASTICSEARCH_PORT_NUMBER:-9200}" - -# Default JVM configuration -export JAVA_HOME="${BITNAMI_ROOT_DIR}/java" - -# Other parameters -export PATH="${LOGSTASH_BIN_DIR}:${JAVA_HOME}/bin:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# Custom environment variables may be defined below diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh deleted file mode 100755 index a9668bb52192..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/logstash/run.sh"* ]]; then - info "** Starting Logstash setup **" - /opt/bitnami/scripts/logstash/setup.sh - info "** Logstash setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh deleted file mode 100755 index e2e2f9555812..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -info "Creating Logstash daemon user" -ensure_user_exists "$LOGSTASH_DAEMON_USER" --group "$LOGSTASH_DAEMON_GROUP" - -for dir in "$LOGSTASH_BASE_DIR/vendor/bundle/jruby" "$LOGSTASH_CONF_DIR" "$LOGSTASH_PIPELINE_CONF_DIR" "$LOGSTASH_MOUNTED_CONF_DIR" "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR" "$LOGSTASH_VOLUME_DIR" "$LOGSTASH_DATA_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$LOGSTASH_DAEMON_USER" -g "root" -done - -for file in "$LOGSTASH_BASE_DIR/Gemfile" "$LOGSTASH_BASE_DIR/Gemfile.lock"; do - configure_permissions_ownership "$file" -f "664" -u "$LOGSTASH_DAEMON_USER" -g "root" -done - -info "Configuring paths" -logstash_yml_set "$LOGSTASH_CONF_FILE" '"path.data"' "$LOGSTASH_DATA_DIR" - -info "Configuring logging to standard output" -# Back up the original file for users who'd like to use logfile logging -cp -L "${LOGSTASH_CONF_DIR}/log4j2.properties" "${LOGSTASH_CONF_DIR}/log4j2.orig.properties" -cat > "${LOGSTASH_CONF_DIR}/log4j2.properties" << EOF -status = error -name = LogstashPropertiesConfig - -appender.console.type = Console -appender.console.name = plain_console -appender.console.layout.type = PatternLayout -appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n - -appender.json_console.type = Console -appender.json_console.name = json_console -appender.json_console.layout.type = JSONLayout -appender.json_console.layout.compact = true -appender.json_console.layout.eventEol = true - -rootLogger.level = \${sys:ls.log.level} -rootLogger.appenderRef.console.ref = \${sys:ls.log.format}_console -EOF - -logstash_install_plugins diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh deleted file mode 100755 index 376d2fc1285b..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -declare -a cmd=("logstash") - -if is_boolean_yes "$LOGSTASH_EXPOSE_API"; then - cmd+=("--api.http.host" "$LOGSTASH_BIND_ADDRESS" "--api.http.port" "$LOGSTASH_API_PORT_NUMBER") -fi - -if [[ -n "$LOGSTASH_PIPELINE_CONF_STRING" ]]; then - cmd+=("-e" "$LOGSTASH_PIPELINE_CONF_STRING") -elif ! is_boolean_yes "$LOGSTASH_ENABLE_MULTIPLE_PIPELINES"; then - cmd+=("-f" "$LOGSTASH_PIPELINE_CONF_DIR") -fi - -declare -a extra_args=() -read -r -a extra_args <<< "$LOGSTASH_EXTRA_FLAGS" -[[ "${#extra_args[@]}" -gt 0 ]] && cmd+=("${extra_args[@]}") - -# JAVA_HOME to be deprecated, see warning: -# warning: usage of JAVA_HOME is deprecated, use LS_JAVA_HOME -export LS_JAVA_HOME=/opt/bitnami/java - -info "** Starting Logstash **" -if am_i_root; then - exec_as_user "$LOGSTASH_DAEMON_USER" "${cmd[@]}" -else - exec "${cmd[@]}" -fi diff --git a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh b/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh deleted file mode 100755 index c72058f76b2d..000000000000 --- a/bitnami/logstash/7/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -# Ensure Logstash environment variables are valid -logstash_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$LOGSTASH_DAEMON_USER" --group "$LOGSTASH_DAEMON_GROUP" - -# Ensure Logstash is initialized -logstash_initialize -# Install Logstash plugins -logstash_install_plugins diff --git a/bitnami/logstash/7/debian-11/tags-info.yaml b/bitnami/logstash/7/debian-11/tags-info.yaml deleted file mode 100644 index 8f5f9baf2f60..000000000000 --- a/bitnami/logstash/7/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "7" -- 7-debian-11 -- 7.17.18 diff --git a/bitnami/logstash/8/debian-11/Dockerfile b/bitnami/logstash/8/debian-11/Dockerfile deleted file mode 100644 index e04edc2f00ff..000000000000 --- a/bitnami/logstash/8/debian-11/Dockerfile +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" -ARG LOGSTASH_PLUGINS -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:04:20Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.12.1-debian-11-r19" \ - org.opencontainers.image.title="logstash" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.12.1" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "java-17.0.10-13-1-linux-${OS_ARCH}-debian-11" \ - "logstash-8.12.1-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/java/postunpack.sh -RUN /opt/bitnami/scripts/logstash/postunpack.sh -ENV APP_VERSION="8.12.1" \ - BITNAMI_APP_NAME="logstash" \ - JAVA_HOME="/opt/bitnami/java" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/java/bin:/opt/bitnami/logstash/bin:$PATH" - -EXPOSE 8080 - -WORKDIR /opt/bitnami/logstash -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/logstash/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/logstash/run.sh" ] diff --git a/bitnami/logstash/8/debian-11/docker-compose.yml b/bitnami/logstash/8/debian-11/docker-compose.yml deleted file mode 100644 index 1f960023073c..000000000000 --- a/bitnami/logstash/8/debian-11/docker-compose.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - logstash: - image: docker.io/bitnami/logstash:8 - ports: - - 8080:8080 - volumes: - - logstash_data:/bitnami -volumes: - logstash_data: - driver: local diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 482d409e7764..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "java": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "17.0.10-13-1" - }, - "logstash": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.12.1-0" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/logstash/8/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh deleted file mode 100755 index c3a1e2383fa1..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/entrypoint.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -echo "" -exec "$@" diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh deleted file mode 100755 index 52dbf4f13673..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/java/postunpack.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh - -# -# Java post-unpack operations -# - -# Override default files in the Java security directory. This is used for -# custom base images (with custom CA certificates or block lists is used) - -if [[ -n "${JAVA_EXTRA_SECURITY_DIR:-}" ]] && ! is_dir_empty "$JAVA_EXTRA_SECURITY_DIR"; then - info "Adding custom CAs to the Java security folder" - cp -Lr "${JAVA_EXTRA_SECURITY_DIR}/." /opt/bitnami/java/lib/security -fi diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh deleted file mode 100644 index 93ea56e005c7..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/liblogstash.sh +++ /dev/null @@ -1,379 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Logstash library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in Logstash environment variables -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_validate() { - debug "Validating settings in LOGSTASH_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - check_resolved_hostname "$LOGSTASH_BIND_ADDRESS" - check_yes_no_value "LOGSTASH_EXPOSE_API" - check_valid_port "LOGSTASH_API_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_MULTIPLE_PIPELINES" - - # Pipeline configuration parameters - # Inputs - check_yes_no_value "LOGSTASH_ENABLE_BEATS_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_BEATS_INPUT" && check_valid_port "LOGSTASH_BEATS_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_GELF_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_GELF_INPUT" && check_valid_port "LOGSTASH_GELF_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_HTTP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_HTTP_INPUT" && check_valid_port "LOGSTASH_HTTP_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_TCP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_TCP_INPUT" && check_valid_port "LOGSTASH_TCP_PORT_NUMBER" - check_yes_no_value "LOGSTASH_ENABLE_UDP_INPUT" - is_boolean_yes "$LOGSTASH_ENABLE_UDP_INPUT" && check_valid_port "LOGSTASH_UDP_PORT_NUMBER" - # Outputs - check_yes_no_value "LOGSTASH_ENABLE_STDOUT_OUTPUT" - check_yes_no_value "LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT" - if is_boolean_yes "$LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT"; then - check_resolved_hostname "$LOGSTASH_ELASTICSEARCH_HOST" - check_valid_port "LOGSTASH_ELASTICSEARCH_PORT_NUMBER" - fi - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Create sample config file -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_create_sample_pipeline_config_file() { - # Default supported inputs/outputs come from historic Bitnami defaults - # Configuration reference: https://www.elastic.co/guide/en/logstash/current/config-examples.html - info "Creating sample config file" - local inputs="" - local outputs="" - # Parse inputs - if is_boolean_yes "$LOGSTASH_ENABLE_BEATS_INPUT"; then - inputs+=$'\n'"beats { - ssl => false - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_BEATS_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_GELF_INPUT"; then - inputs+=$'\n'"gelf { - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_GELF_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_HTTP_INPUT"; then - inputs+=$'\n'"http { - ssl => false - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_HTTP_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_TCP_INPUT"; then - inputs+=$'\n'"tcp { - mode => \"server\" - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_TCP_PORT_NUMBER} -}" - fi - if is_boolean_yes "$LOGSTASH_ENABLE_UDP_INPUT"; then - inputs+=$'\n'"udp { - host => \"${LOGSTASH_BIND_ADDRESS}\" - port => ${LOGSTASH_UDP_PORT_NUMBER} -}" - fi - # Parse outputs - is_boolean_yes "$LOGSTASH_ENABLE_STDOUT_OUTPUT" && outputs+=$'\n'"stdout { }" - if is_boolean_yes "$LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT"; then - outputs+=$'\n'"elasticsearch { - hosts => [\"${LOGSTASH_ELASTICSEARCH_HOST}:${LOGSTASH_ELASTICSEARCH_PORT_NUMBER}\"] - document_id => \"%{logstash_checksum}\" - index => \"logstash-%{+YYYY.MM.dd}\" -}" - fi - # Indent and add newline so it looks good - [[ -n "$inputs" ]] && inputs="$(indent "$inputs" 2)"$'\n' - [[ -n "$outputs" ]] && outputs="$(indent "$outputs" 2)"$'\n' - # Create the configuration file - cat >"$LOGSTASH_PIPELINE_CONF_FILE" <"$tempfile" - ;; - int) - yq eval "(.${key}) |= ${value}" "$conf_file" >"$tempfile" - ;; - bool) - yq eval "(.${key}) |= (\"${value}\" | test(\"true\"))" "$conf_file" >"$tempfile" - ;; - *) - error "Type unknown: ${type}" - return 1 - ;; - esac - cp "$tempfile" "$conf_file" -} - -######################## -# Ensure Logstash is initialized -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_initialize() { - info "Initializing Logstash" - - logstash_set_heap_size - - # Based on naming from https://www.elastic.co/guide/en/logstash/current/config-setting-files.html - if ! is_mounted_dir_empty "$LOGSTASH_MOUNTED_CONF_DIR"; then - info "Mounted setting files detected" - cp -Lr "$LOGSTASH_MOUNTED_CONF_DIR"/. "$LOGSTASH_CONF_DIR" - fi - - if is_boolean_yes "$LOGSTASH_EXPOSE_API"; then - if is_file_writable "$LOGSTASH_CONF_FILE"; then - info "Enabling Logstash API endpoint" - logstash_yml_set "$LOGSTASH_CONF_FILE" '"api.http.host"' "$LOGSTASH_BIND_ADDRESS" - logstash_yml_set "$LOGSTASH_CONF_FILE" '"api.http.port"' "$LOGSTASH_API_PORT_NUMBER" - else - warn "The Logstash configuration file '${LOGSTASH_CONF_FILE}' is not writable. Configurations based on environment variables will be passed as command-line arguments instead." - fi - fi - - if is_boolean_yes "$LOGSTASH_ENABLE_MULTIPLE_PIPELINES"; then - if [[ -e "${LOGSTASH_MOUNTED_CONF_DIR}/pipelines.yml" ]]; then - info "Detected mounted 'pipelines.yml' configuration file for multiple pipelines" - else - logstash_create_sample_pipelines_yml_file - fi - fi - - # Skip further configuration if Logstash pipeline configuration was passed as a string - [[ -n "$LOGSTASH_PIPELINE_CONF_STRING" ]] && return - - if ! is_mounted_dir_empty "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR"; then - info "Detected mounted pipeline configuration files" - cp -Lr "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR"/* "$LOGSTASH_PIPELINE_CONF_DIR" - elif [[ -e "${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" ]]; then - # Support for legacy configuration before configurations were separated into 'config' and 'pipeline' - warn "Detected mounted '${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}' pipeline configuration file in legacy directory." - warn "Support for this configuration may be deprecated in a future version of this image. Please mount the pipeline files to '${LOGSTASH_MOUNTED_PIPELINE_CONF_DIR}' instead." - cp -Lr "${LOGSTASH_MOUNTED_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" "$LOGSTASH_PIPELINE_CONF_DIR" - elif is_dir_empty "$LOGSTASH_PIPELINE_CONF_DIR"; then - logstash_create_sample_pipeline_config_file - else - info "Detected existing files in '${LOGSTASH_PIPELINE_CONF_DIR}', skipping sample pipeline generation" - fi -} - -######################## -# Check if Logstash is running -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_logstash_running() { - # Logstash does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "org.logstash.Logstash" >"$LOGSTASH_PID_FILE" - - local pid - pid="$(get_pid_from_file "$LOGSTASH_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Logstash is not running -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# Boolean -######################### -is_logstash_not_running() { - ! is_logstash_running - return "$?" -} - -######################## -# Stop Logstash -# Globals: -# LOGSTASH_PID_FILE -# Arguments: -# None -# Returns: -# None -######################### -logstash_stop() { - ! is_logstash_running && return - debug "Stopping Logstash" - stop_service_using_pid "$LOGSTASH_PID_FILE" -} - -######################## -# Install Logstash plugins -# Globals: -# LOGSTASH_* -# Arguments: -# None -# Returns: -# None -######################### -logstash_install_plugins() { - read -r -a plugins_list <<<"$(tr ',;' ' ' <<<"$LOGSTASH_PLUGINS")" - - # Skip if there isn't any plugin to install - [[ -z "${plugins_list[*]:-}" ]] && return - - # Install plugins - info "Installing plugins: ${plugins_list[*]}" - for plugin in "${plugins_list[@]}"; do - debug "Installing plugin: ${plugin}" - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - logstash-plugin install "$plugin" - else - logstash-plugin install "$plugin" >/dev/null 2>&1 - fi - done -} diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh deleted file mode 100644 index 41075b40cc98..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash-env.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for logstash - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-logstash}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -logstash_env_vars=( - LOGSTASH_PIPELINE_CONF_FILENAME - LOGSTASH_BIND_ADDRESS - LOGSTASH_EXPOSE_API - LOGSTASH_API_PORT_NUMBER - LOGSTASH_PIPELINE_CONF_STRING - LOGSTASH_PLUGINS - LOGSTASH_EXTRA_FLAGS - LOGSTASH_HEAP_SIZE - LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE - LOGSTASH_MAX_ALLOWED_MEMORY - LOGSTASH_ENABLE_MULTIPLE_PIPELINES - LOGSTASH_ENABLE_BEATS_INPUT - LOGSTASH_BEATS_PORT_NUMBER - LOGSTASH_ENABLE_GELF_INPUT - LOGSTASH_GELF_PORT_NUMBER - LOGSTASH_ENABLE_HTTP_INPUT - LOGSTASH_HTTP_PORT_NUMBER - LOGSTASH_ENABLE_TCP_INPUT - LOGSTASH_TCP_PORT_NUMBER - LOGSTASH_ENABLE_UDP_INPUT - LOGSTASH_UDP_PORT_NUMBER - LOGSTASH_ENABLE_STDOUT_OUTPUT - LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT - LOGSTASH_ELASTICSEARCH_HOST - LOGSTASH_ELASTICSEARCH_PORT_NUMBER - LOGSTASH_CONF_FILENAME - LOGSTASH_CONF_STRING - LOGSTASH_EXTRA_ARGS -) -for env_var in "${logstash_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset logstash_env_vars - -# Paths -export LOGSTASH_BASE_DIR="/opt/bitnami/logstash" -export LOGSTASH_CONF_DIR="${LOGSTASH_BASE_DIR}/config" -export LOGSTASH_PIPELINE_CONF_DIR="${LOGSTASH_BASE_DIR}/pipeline" -export LOGSTASH_BIN_DIR="${LOGSTASH_BASE_DIR}/bin" -export LOGSTASH_CONF_FILE="${LOGSTASH_CONF_DIR}/logstash.yml" -LOGSTASH_PIPELINE_CONF_FILENAME="${LOGSTASH_PIPELINE_CONF_FILENAME:-"${LOGSTASH_CONF_FILENAME:-}"}" -export LOGSTASH_PIPELINE_CONF_FILENAME="${LOGSTASH_PIPELINE_CONF_FILENAME:-logstash.conf}" -export LOGSTASH_PIPELINE_CONF_FILE="${LOGSTASH_PIPELINE_CONF_DIR}/${LOGSTASH_PIPELINE_CONF_FILENAME}" -export LOGSTASH_VOLUME_DIR="/bitnami/logstash" -export LOGSTASH_DATA_DIR="${LOGSTASH_VOLUME_DIR}/data" -export LOGSTASH_MOUNTED_CONF_DIR="${LOGSTASH_VOLUME_DIR}/config" -export LOGSTASH_MOUNTED_PIPELINE_CONF_DIR="${LOGSTASH_VOLUME_DIR}/pipeline" - -# System users (when running with a privileged user) -export LOGSTASH_DAEMON_USER="logstash" -export LOGSTASH_DAEMON_GROUP="logstash" - -# Logstash configuration -export LOGSTASH_BIND_ADDRESS="${LOGSTASH_BIND_ADDRESS:-0.0.0.0}" -export LOGSTASH_EXPOSE_API="${LOGSTASH_EXPOSE_API:-no}" -export LOGSTASH_API_PORT_NUMBER="${LOGSTASH_API_PORT_NUMBER:-9600}" -LOGSTASH_PIPELINE_CONF_STRING="${LOGSTASH_PIPELINE_CONF_STRING:-"${LOGSTASH_CONF_STRING:-}"}" -export LOGSTASH_PIPELINE_CONF_STRING="${LOGSTASH_PIPELINE_CONF_STRING:-}" -export LOGSTASH_PLUGINS="${LOGSTASH_PLUGINS:-}" -LOGSTASH_EXTRA_FLAGS="${LOGSTASH_EXTRA_FLAGS:-"${LOGSTASH_EXTRA_ARGS:-}"}" -export LOGSTASH_EXTRA_FLAGS="${LOGSTASH_EXTRA_FLAGS:-}" -export LOGSTASH_HEAP_SIZE="${LOGSTASH_HEAP_SIZE:-1024m}" -export LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE="${LOGSTASH_MAX_ALLOWED_MEMORY_PERCENTAGE:-100}" -export LOGSTASH_MAX_ALLOWED_MEMORY="${LOGSTASH_MAX_ALLOWED_MEMORY:-}" - -# Logstash pipeline configuration -export LOGSTASH_ENABLE_MULTIPLE_PIPELINES="${LOGSTASH_ENABLE_MULTIPLE_PIPELINES:-no}" -export LOGSTASH_ENABLE_BEATS_INPUT="${LOGSTASH_ENABLE_BEATS_INPUT:-no}" -export LOGSTASH_BEATS_PORT_NUMBER="${LOGSTASH_BEATS_PORT_NUMBER:-5044}" -export LOGSTASH_ENABLE_GELF_INPUT="${LOGSTASH_ENABLE_GELF_INPUT:-no}" -export LOGSTASH_GELF_PORT_NUMBER="${LOGSTASH_GELF_PORT_NUMBER:-12201}" -export LOGSTASH_ENABLE_HTTP_INPUT="${LOGSTASH_ENABLE_HTTP_INPUT:-yes}" -export LOGSTASH_HTTP_PORT_NUMBER="${LOGSTASH_HTTP_PORT_NUMBER:-8080}" -export LOGSTASH_ENABLE_TCP_INPUT="${LOGSTASH_ENABLE_TCP_INPUT:-no}" -export LOGSTASH_TCP_PORT_NUMBER="${LOGSTASH_TCP_PORT_NUMBER:-5010}" -export LOGSTASH_ENABLE_UDP_INPUT="${LOGSTASH_ENABLE_UDP_INPUT:-no}" -export LOGSTASH_UDP_PORT_NUMBER="${LOGSTASH_UDP_PORT_NUMBER:-5000}" -export LOGSTASH_ENABLE_STDOUT_OUTPUT="${LOGSTASH_ENABLE_STDOUT_OUTPUT:-yes}" -export LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT="${LOGSTASH_ENABLE_ELASTICSEARCH_OUTPUT:-no}" -export LOGSTASH_ELASTICSEARCH_HOST="${LOGSTASH_ELASTICSEARCH_HOST:-elasticsearch}" -export LOGSTASH_ELASTICSEARCH_PORT_NUMBER="${LOGSTASH_ELASTICSEARCH_PORT_NUMBER:-9200}" - -# Default JVM configuration -export JAVA_HOME="${BITNAMI_ROOT_DIR}/java" - -# Other parameters -export PATH="${LOGSTASH_BIN_DIR}:${JAVA_HOME}/bin:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# Custom environment variables may be defined below diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh deleted file mode 100755 index a9668bb52192..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/logstash/run.sh"* ]]; then - info "** Starting Logstash setup **" - /opt/bitnami/scripts/logstash/setup.sh - info "** Logstash setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh deleted file mode 100755 index e2e2f9555812..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/postunpack.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -info "Creating Logstash daemon user" -ensure_user_exists "$LOGSTASH_DAEMON_USER" --group "$LOGSTASH_DAEMON_GROUP" - -for dir in "$LOGSTASH_BASE_DIR/vendor/bundle/jruby" "$LOGSTASH_CONF_DIR" "$LOGSTASH_PIPELINE_CONF_DIR" "$LOGSTASH_MOUNTED_CONF_DIR" "$LOGSTASH_MOUNTED_PIPELINE_CONF_DIR" "$LOGSTASH_VOLUME_DIR" "$LOGSTASH_DATA_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -u "$LOGSTASH_DAEMON_USER" -g "root" -done - -for file in "$LOGSTASH_BASE_DIR/Gemfile" "$LOGSTASH_BASE_DIR/Gemfile.lock"; do - configure_permissions_ownership "$file" -f "664" -u "$LOGSTASH_DAEMON_USER" -g "root" -done - -info "Configuring paths" -logstash_yml_set "$LOGSTASH_CONF_FILE" '"path.data"' "$LOGSTASH_DATA_DIR" - -info "Configuring logging to standard output" -# Back up the original file for users who'd like to use logfile logging -cp -L "${LOGSTASH_CONF_DIR}/log4j2.properties" "${LOGSTASH_CONF_DIR}/log4j2.orig.properties" -cat > "${LOGSTASH_CONF_DIR}/log4j2.properties" << EOF -status = error -name = LogstashPropertiesConfig - -appender.console.type = Console -appender.console.name = plain_console -appender.console.layout.type = PatternLayout -appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n - -appender.json_console.type = Console -appender.json_console.name = json_console -appender.json_console.layout.type = JSONLayout -appender.json_console.layout.compact = true -appender.json_console.layout.eventEol = true - -rootLogger.level = \${sys:ls.log.level} -rootLogger.appenderRef.console.ref = \${sys:ls.log.format}_console -EOF - -logstash_install_plugins diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh deleted file mode 100755 index 376d2fc1285b..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/run.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -declare -a cmd=("logstash") - -if is_boolean_yes "$LOGSTASH_EXPOSE_API"; then - cmd+=("--api.http.host" "$LOGSTASH_BIND_ADDRESS" "--api.http.port" "$LOGSTASH_API_PORT_NUMBER") -fi - -if [[ -n "$LOGSTASH_PIPELINE_CONF_STRING" ]]; then - cmd+=("-e" "$LOGSTASH_PIPELINE_CONF_STRING") -elif ! is_boolean_yes "$LOGSTASH_ENABLE_MULTIPLE_PIPELINES"; then - cmd+=("-f" "$LOGSTASH_PIPELINE_CONF_DIR") -fi - -declare -a extra_args=() -read -r -a extra_args <<< "$LOGSTASH_EXTRA_FLAGS" -[[ "${#extra_args[@]}" -gt 0 ]] && cmd+=("${extra_args[@]}") - -# JAVA_HOME to be deprecated, see warning: -# warning: usage of JAVA_HOME is deprecated, use LS_JAVA_HOME -export LS_JAVA_HOME=/opt/bitnami/java - -info "** Starting Logstash **" -if am_i_root; then - exec_as_user "$LOGSTASH_DAEMON_USER" "${cmd[@]}" -else - exec "${cmd[@]}" -fi diff --git a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh b/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh deleted file mode 100755 index c72058f76b2d..000000000000 --- a/bitnami/logstash/8/debian-11/rootfs/opt/bitnami/scripts/logstash/setup.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblogstash.sh - -# Load Logstash environment variables -. /opt/bitnami/scripts/logstash-env.sh - -# Ensure Logstash environment variables are valid -logstash_validate - -# Ensure 'daemon' user exists when running as 'root' -am_i_root && ensure_user_exists "$LOGSTASH_DAEMON_USER" --group "$LOGSTASH_DAEMON_GROUP" - -# Ensure Logstash is initialized -logstash_initialize -# Install Logstash plugins -logstash_install_plugins diff --git a/bitnami/logstash/8/debian-11/tags-info.yaml b/bitnami/logstash/8/debian-11/tags-info.yaml deleted file mode 100644 index 9be5f685ddf2..000000000000 --- a/bitnami/logstash/8/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "8" -- 8-debian-11 -- 8.12.1 -- latest diff --git a/bitnami/magento/2/debian-11/Dockerfile b/bitnami/magento/2/debian-11/Dockerfile deleted file mode 100644 index 94fcf0749b22..000000000000 --- a/bitnami/magento/2/debian-11/Dockerfile +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T14:58:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.4.6-debian-11-r137" \ - org.opencontainers.image.title="magento" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.4.6" - -ENV OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates cron curl libaudit1 libbrotli1 libbsd0 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre2-8-0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "php-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-6-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "mysql-client-10.6.17-0-linux-${OS_ARCH}-debian-11" \ - "libphp-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "magento-2.4.6-10-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i -e '/pam_loginuid.so/ s/^#*/#/' /etc/pam.d/cron - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -RUN /opt/bitnami/scripts/apache-modphp/postunpack.sh -RUN /opt/bitnami/scripts/magento/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="2.4.6" \ - BITNAMI_APP_NAME="magento" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:/opt/bitnami/magento/bin:$PATH" - -EXPOSE 8080 8443 - -ENTRYPOINT [ "/opt/bitnami/scripts/magento/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/magento/run.sh" ] diff --git a/bitnami/magento/2/debian-11/docker-compose.yml b/bitnami/magento/2/debian-11/docker-compose.yml deleted file mode 100644 index ba3c25607399..000000000000 --- a/bitnami/magento/2/debian-11/docker-compose.yml +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mariadb: - image: docker.io/bitnami/mariadb:10.6 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_magento - - MARIADB_DATABASE=bitnami_magento - volumes: - - 'mariadb_data:/bitnami/mariadb' - magento: - image: docker.io/bitnami/magento:2 - ports: - - '80:8080' - - '443:8443' - environment: - - MAGENTO_HOST=localhost - - MAGENTO_DATABASE_HOST=mariadb - - MAGENTO_DATABASE_PORT_NUMBER=3306 - - MAGENTO_DATABASE_USER=bn_magento - - MAGENTO_DATABASE_NAME=bitnami_magento - - ELASTICSEARCH_HOST=elasticsearch - - ELASTICSEARCH_PORT_NUMBER=9200 - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'magento_data:/bitnami/magento' - depends_on: - - mariadb - - elasticsearch - elasticsearch: - image: docker.io/bitnami/elasticsearch:7 - volumes: - - 'elasticsearch_data:/bitnami/elasticsearch/data' -volumes: - mariadb_data: - driver: local - magento_data: - driver: local - elasticsearch_data: - driver: local diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e02f86c2fe3d..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-6" - }, - "libphp": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "magento": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.6-10" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.6.17-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/magento/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh deleted file mode 100644 index 5d7322e96259..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh +++ /dev/null @@ -1,516 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Magento library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Validate settings in MAGENTO_* env vars -# Globals: -# MAGENTO_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -magento_validate() { - debug "Validating settings in MAGENTO_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_mounted_file() { - if [[ -n "${!1:-}" ]] && ! [[ -f "${!1:-}" ]]; then - print_validation_error "${1} is defined but the file ${!1} is not accessible or does not exist" - fi - } - - # Validate user inputs - check_empty_value "MAGENTO_HOST" - check_empty_value "MAGENTO_PASSWORD" - # See: https://devdocs.magento.com/guides/v2.4/config-guide/bootstrap/magento-modes.html - check_multi_value "MAGENTO_MODE" "default developer production" - check_yes_no_value "MAGENTO_ENABLE_HTTPS" - check_yes_no_value "MAGENTO_ENABLE_ADMIN_HTTPS" - check_yes_no_value "MAGENTO_SKIP_REINDEX" - check_yes_no_value "MAGENTO_SKIP_BOOTSTRAP" - - # HTTP cache server configuration validations - check_yes_no_value "MAGENTO_ENABLE_HTTP_CACHE" - if is_boolean_yes "$MAGENTO_ENABLE_HTTP_CACHE"; then - check_empty_value "MAGENTO_HTTP_CACHE_BACKEND_HOST" - check_empty_value "MAGENTO_HTTP_CACHE_BACKEND_PORT_NUMBER" - check_empty_value "MAGENTO_HTTP_CACHE_SERVER_HOST" - check_empty_value "MAGENTO_HTTP_CACHE_SERVER_PORT_NUMBER" - fi - - # Database configuration validations - check_resolved_hostname "$MAGENTO_DATABASE_HOST" - validate_port "$MAGENTO_DATABASE_PORT_NUMBER" - check_yes_no_value "MAGENTO_ENABLE_DATABASE_SSL" - if is_boolean_yes "$MAGENTO_ENABLE_DATABASE_SSL"; then - check_yes_no_value "MAGENTO_VERIFY_DATABASE_SSL" - check_mounted_file "MAGENTO_DATABASE_SSL_CERT_FILE" - check_mounted_file "MAGENTO_DATABASE_SSL_KEY_FILE" - check_mounted_file "MAGENTO_DATABASE_SSL_CA_FILE" - fi - - # Search engine configuration validations - check_multi_value "MAGENTO_SEARCH_ENGINE" "elasticsearch5 elasticsearch6 elasticsearch7" - if [[ "$MAGENTO_SEARCH_ENGINE" =~ ^elasticsearch ]]; then - check_resolved_hostname "$MAGENTO_ELASTICSEARCH_HOST" - validate_port "$MAGENTO_ELASTICSEARCH_PORT_NUMBER" - check_yes_no_value "MAGENTO_ELASTICSEARCH_ENABLE_AUTH" - if is_boolean_yes "$MAGENTO_ELASTICSEARCH_ENABLE_AUTH"; then - check_empty_value "MAGENTO_ELASTICSEARCH_USER" - check_empty_value "MAGENTO_ELASTICSEARCH_PASSWORD" - fi - fi - - # Validate credentials - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - else - for empty_env_var in "MAGENTO_DATABASE_PASSWORD" "MAGENTO_PASSWORD"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Ensure Magento is initialized -# Globals: -# MAGENTO_* -# Arguments: -# None -# Returns: -# None -######################### -magento_initialize() { - # Check if Magento has already been initialized and persisted in a previous run - local db_host db_port db_name db_user db_pass - local es_host es_port es_user es_pass - local -r app_name="magento" - if ! is_app_initialized "$app_name"; then - # Parse user inputs for the Magento CLI calls below - db_host="$MAGENTO_DATABASE_HOST" - db_port="$MAGENTO_DATABASE_PORT_NUMBER" - db_name="$MAGENTO_DATABASE_NAME" - db_user="$MAGENTO_DATABASE_USER" - db_pass="$MAGENTO_DATABASE_PASSWORD" - # CLI flags to use for 'setup:config:create' (to create config files but not modify the database) - local -a magento_setup_cli_flags=( - "--no-interaction" - "--backend-frontname" "$MAGENTO_ADMIN_URL_PREFIX" - "--db-host" "${db_host}:${db_port}" - "--db-name" "$db_name" - "--db-user" "$db_user" - "--db-password" "$db_pass" - ) - # Extra flags for when enabling SSL database connections - if is_boolean_yes "$MAGENTO_ENABLE_DATABASE_SSL"; then - info "Enabling SSL for database connections" - is_boolean_yes "$MAGENTO_VERIFY_DATABASE_SSL" && magento_setup_cli_flags+=("--db-ssl-verify") - ! is_empty_value "$MAGENTO_DATABASE_SSL_CERT_FILE" && magento_setup_cli_flags+=("--db-ssl-cert" "$MAGENTO_DATABASE_SSL_CERT_FILE") - ! is_empty_value "$MAGENTO_DATABASE_SSL_KEY_FILE" && magento_setup_cli_flags+=("--db-ssl-key" "$MAGENTO_DATABASE_SSL_KEY_FILE") - ! is_empty_value "$MAGENTO_DATABASE_SSL_CA_FILE" && magento_setup_cli_flags+=("--db-ssl-ca" "$MAGENTO_DATABASE_SSL_CA_FILE") - fi - # Set cache server (i.e. Varnish) configuration to Magento's 'env.php' configuration file - if is_boolean_yes "$MAGENTO_ENABLE_HTTP_CACHE"; then - info "Enabling HTTP cache server" - magento_setup_cli_flags+=("--http-cache-hosts" "${MAGENTO_HTTP_CACHE_SERVER_HOST}:${MAGENTO_HTTP_CACHE_SERVER_PORT_NUMBER}") - fi - # CLI flags to use for 'setup:install' (based on the flags to use for 'setup:config:create') - local -a magento_install_cli_flags=( - "${magento_setup_cli_flags[@]}" - "--search-engine" "$MAGENTO_SEARCH_ENGINE" - "--admin-firstname" "$MAGENTO_FIRST_NAME" - "--admin-lastname" "$MAGENTO_LAST_NAME" - "--admin-email" "$MAGENTO_EMAIL" - "--admin-user" "$MAGENTO_USERNAME" - "--admin-password" "$MAGENTO_PASSWORD" - ) - # Search engine configuration - if [[ "$MAGENTO_SEARCH_ENGINE" =~ ^elasticsearch ]]; then - es_host="$MAGENTO_ELASTICSEARCH_HOST" - es_port="$MAGENTO_ELASTICSEARCH_PORT_NUMBER" - es_user="$MAGENTO_ELASTICSEARCH_USER" - es_pass="$MAGENTO_ELASTICSEARCH_PASSWORD" - # Define whether Elasticsearch auth is enabled - local es_auth="0" - is_boolean_yes "$MAGENTO_ELASTICSEARCH_ENABLE_AUTH" && es_auth="1" - # Elasticsearch configuration is stored in the database, so we only need to specify for 'setup:install' - if is_boolean_yes "$MAGENTO_ELASTICSEARCH_USE_HTTPS"; then - magento_install_cli_flags+=( - "--elasticsearch-host" "https://$es_host" - ) - else - magento_install_cli_flags+=( - "--elasticsearch-host" "$es_host" - ) - fi - magento_install_cli_flags+=( - "--elasticsearch-port" "$es_port" - "--elasticsearch-enable-auth" "$es_auth" - "--elasticsearch-username" "$es_user" - "--elasticsearch-password" "$es_pass" - ) - fi - # Allow to specify extra CLI flags, but ensure they are added last - local -a magento_extra_cli_flags - read -r -a magento_extra_cli_flags <<< "$MAGENTO_EXTRA_INSTALL_ARGS" - if [[ "${#magento_extra_cli_flags[@]}" -gt 0 ]]; then - magento_setup_cli_flags+=("${magento_extra_cli_flags[@]}") - magento_install_cli_flags+=("${magento_extra_cli_flags[@]}") - fi - - # Ensure Magento persisted directories exist (i.e. when a volume has been mounted to /bitnami) - info "Ensuring Magento directories exist" - ensure_dir_exists "$MAGENTO_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - if am_i_root; then - info "Configuring permissions" - configure_permissions_ownership "$MAGENTO_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - fi - - # Wait until external services are available - info "Trying to connect to the database server" - magento_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - if [[ "$MAGENTO_SEARCH_ENGINE" =~ ^elasticsearch ]]; then - info "Trying to connect to Elasticsearch" - magento_wait_for_es_connection "$es_host" "$es_port" - fi - - if ! is_boolean_yes "$MAGENTO_SKIP_BOOTSTRAP"; then - info "Running Magento install script" - magento_execute setup:install "${magento_install_cli_flags[@]}" - - # Define whether the site must be accessed via HTTP or HTTPS - # If the site must be accessed via HTTPS, we will force the admin panel to be accessed via HTTPS too - local use_secure="0" - is_boolean_yes "$MAGENTO_ENABLE_HTTPS" && use_secure="1" - local use_secure_admin="0" - ( is_boolean_yes "$MAGENTO_ENABLE_HTTPS" || is_boolean_yes "$MAGENTO_ENABLE_ADMIN_HTTPS" ) && use_secure_admin="1" - - # Set additional store configuration in the database - # These options were previously added via 'magento setup:install', but that is now deprecated - # See: https://devdocs.magento.com/guides/v2.4/config-guide/prod/config-reference-most.html#web-paths - # Enable/disable HTTPS in frontend and admin panel, respectively - magento_conf_set "web/secure/use_in_frontend" "$use_secure" - magento_conf_set "web/secure/use_in_adminhtml" "$use_secure_admin" - # Set domain name - magento_update_hostname "$MAGENTO_HOST" - # Enable friendly URLs - magento_conf_set "web/seo/use_rewrites" 1 - # Enable HTTP cache: https://devdocs.magento.com/guides/v2.4/config-guide/varnish/config-varnish-magento.html - if is_boolean_yes "$MAGENTO_ENABLE_HTTP_CACHE"; then - # Set Varnish as cache server (1: built-in, 2: Varnish) - # See: vendor/magento/module-page-cache/model/Config.php -> "Cache types" comment - magento_conf_set "system/full_page_cache/caching_application" 2 - # Specify backend host/port for Varnish config file generation via Admin panel - magento_conf_set "system/full_page_cache/varnish/backend_host" "$MAGENTO_HTTP_CACHE_BACKEND_HOST" - magento_conf_set "system/full_page_cache/varnish/backend_port" "$MAGENTO_HTTP_CACHE_BACKEND_PORT_NUMBER" - fi - else - info "An already initialized Magento database was provided, configuration will be skipped" - - info "Generating configuration files" - # First generate the 'env.php' configuration file - # It is essential to add the 'installed' setting, or none of the below calls would work - # Note: The file will be prettified/regenerated after running the commands - magento_execute setup:config:set "${magento_setup_cli_flags[@]}" - replace_in_file "$MAGENTO_CONF_FILE" '\];' ",'install' => ['date' => '$(date -u)']];" - # The below steps are usually handled by the installation script, which is not executed in this case - # Enable all modules to generate the 'config.php' file - magento_execute module:enable --all - # Enable all cache types in 'env.php' (none are enabled via 'setup:config:set') - magento_execute cache:enable - - # Finally, after the Magento is properly installed on disk, perform database schema upgrade - info "Upgrading database schema" - magento_execute setup:upgrade - fi - - # The below steps are common for both normal installations and installations with 'MAGENTO_SKIP_BOOTSTRAP', - # since they rely on modifying files generated during initialization - - # Disable 2FA module by default as it prevents access to admin panel after the first login - # Setup would be hard as it would require to configure Sendmail (SMTP not supported) and authorization keys - # 'You need to configure Two-Factor Authorization in order to proceed to your store's admin area' - # 'An E-mail was sent to you with further instructions' - magento_execute module:disable "Magento_AdminAdobeImsTwoFactorAuth" - magento_execute module:disable "Magento_TwoFactorAuth" - - # Set the Magento mode in 'env.php' - # See: https://devdocs.magento.com/guides/v2.4/config-guide/bootstrap/magento-modes.html - magento_execute deploy:mode:set "$MAGENTO_MODE" - - # Create initial indexes (this is not performed by the setup script) - if is_boolean_yes "$MAGENTO_SKIP_REINDEX"; then - info "Skipping reindex" - else - info "Reindexing" - magento_execute indexer:reindex - fi - - # Flush cache after changing configuration and reindexing, to avoid warnings in admin panel - info "Flushing cache" - magento_execute cache:flush - - # Magento 'default' and 'developer' modes build required assets on demand - # However, due to the huge amount of those, the first-time page load is huge, so we build them beforehand - if is_boolean_yes "$MAGENTO_DEPLOY_STATIC_CONTENT" && [[ "$MAGENTO_MODE" != "production" ]]; then - info "Deploying static files" - magento_execute setup:static-content:deploy -f - fi - - # Configure PHP options provided via envvars in .user.ini (which overrides configuration in php.ini) - for user_ini_file in "${MAGENTO_BASE_DIR}/.user.ini" "${MAGENTO_BASE_DIR}/pub/.user.ini"; do - am_i_root && configure_permissions_ownership "$user_ini_file" -f "660" - php_set_runtime_config "$user_ini_file" - # Ensure that the .user.ini files cannot be written to by the web server user - # This file allows for PHP-FPM to set application-specific PHP settings, and could be a security risk if left writable - am_i_root && configure_permissions_ownership "$user_ini_file" -f "440" - done - - info "Persisting Magento installation" - persist_app "$app_name" "$MAGENTO_DATA_TO_PERSIST" - else - info "Restoring persisted Magento installation" - restore_persisted_app "$app_name" "$MAGENTO_DATA_TO_PERSIST" - - # Compatibility with previous container images - if [[ "$(ls "$MAGENTO_VOLUME_DIR")" = "htdocs" ]]; then - warn "The persisted data for this Magento installation is located at '${MAGENTO_VOLUME_DIR}/htdocs' instead of '${MAGENTO_VOLUME_DIR}'" - warn "This is deprecated and support for this may be removed in a future release" - rm "$MAGENTO_BASE_DIR" - ln -s "${MAGENTO_VOLUME_DIR}/htdocs" "$MAGENTO_BASE_DIR" - fi - - info "Trying to connect to the database server" - db_name="$(magento_conf_get "db" "connection" "default" "dbname")" - db_user="$(magento_conf_get "db" "connection" "default" "username")" - db_pass="$(magento_conf_get "db" "connection" "default" "password")" - # Separate 'host:port' with native Bash split functions (fallback to default port number if not specified) - db_host_port="$(magento_conf_get "db" "connection" "default" "host")" - db_host="${db_host_port%:*}" - if [[ "$db_host_port" =~ :[0-9]+$ ]]; then - # Use '##' to extract only the part after the last colon, to avoid any possible issues with IPv6 addresses - db_port="${db_host_port##*:}" - else - db_port="$MAGENTO_DATABASE_PORT_NUMBER" - fi - magento_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - - if [[ "$MAGENTO_SEARCH_ENGINE" =~ ^elasticsearch ]]; then - es_host="$MAGENTO_ELASTICSEARCH_HOST" - es_port="$MAGENTO_ELASTICSEARCH_PORT_NUMBER" - info "Trying to connect to Elasticsearch" - magento_wait_for_es_connection "$es_host" "$es_port" - fi - - # Perform database schema upgrade - if ! is_boolean_yes "$MAGENTO_KEEP_STATIC" && [[ "$MAGENTO_MODE" != "production" ]]; then - info "Upgrading database schema" - magento_execute setup:upgrade - else - magento_execute setup:upgrade --keep-generated - fi - fi - - # Magento includes a command for setting up the cron jobs via the 'cron:install' command - # However, cron entries for the 'daemon' user are disabled in some Bitnami images for security purposes (via /etc/cron.deny) - # Therefore we have to generate the entry manually (NOTE: the resulting command is equivalent) - local -a cron_cmd=( - # Use an array for easy concatenation of strings - "${PHP_BIN_DIR}/php ${MAGENTO_BIN_DIR}/magento cron:run 2>&1" - "| grep -v \"Ran jobs by schedule\" >> ${MAGENTO_BASE_DIR}/var/log/magento.cron.log" - ) - # Ensure Magento cron jobs are created when running setup with a root user - if am_i_root; then - generate_cron_conf "magento" "${cron_cmd[*]}" --run-as "$WEB_SERVER_DAEMON_USER" --schedule "*/1 * * * *" - else - warn "Skipping cron configuration for Magento because of running as a non-root user" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Executes the Magento CLI with the specified arguments -# Globals: -# MAGENTO_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -magento_execute() { - local -a cmd=("php" "${MAGENTO_BIN_DIR}/magento" "$@") - # Run as web server user to avoid having to change permissions/ownership afterwards - if am_i_root; then - debug_execute run_as_user "$WEB_SERVER_DAEMON_USER" "${cmd[@]}" - else - debug_execute "${cmd[@]}" - fi -} - -######################## -# Add or modify an entry in the Magento configuration file (config.inc.php) -# Globals: -# MAGENTO_* -# Arguments: -# $1 - PHP variable name -# $2 - Value to assign to the PHP variable -# $3 - Whether the value is a literal, or if instead it should be quoted (default: no) -# Returns: -# None -######################### -magento_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - debug "Setting Magento configuration value '${key}' to '${value}'" - magento_execute config:set "$key" "$value" -} - -######################## -# Get an entry from the Magento configuration file (config.inc.php) -# Globals: -# MAGENTO_* -# Arguments: -# $1 - PHP variable name -# Returns: -# None -######################### -magento_conf_get() { - local key="${1:?key missing}" - # Print the key path in a readable format (keeping in mind that the config file simply returns a PHP array) - local key_readable_format - key_readable_format="/$(echo "$*" | sed -E 's/\s+/\//g')" - debug "Getting configuration path '${key_readable_format}' from Magento configuration" - # Construct a PHP array path for the configuration, so each key can be passed as a separate argument - local path="" - for key in "$@"; do - path+="['${key}']" - done - php -r "\$config = require ('${MAGENTO_CONF_FILE}'); print_r(\$config$path);" -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -magento_wait_for_db_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Wait until Elasticsearch is accessible -# Globals: -# * -# Arguments: -# $1 - Elasticsearch host -# $2 - Elasticsearch port -# Returns: -# true if the Elasticsearch connection succeeded, false otherwise -######################### -magento_wait_for_es_connection() { - local -r es_host="${1:?missing database host}" - local -r es_port="${2:?missing database port}" - if ! retry_while "debug_execute wait-for-port --timeout 5 --host ${es_host} ${es_port}"; then - error "Could not connect to Elasticsearch" - return 1 - fi -} - -######################## -# Update Magento hostname -# Globals: -# MAGENTO_* -# Arguments: -# $1 - hostname -# Returns: -# None -######################### -magento_update_hostname() { - local -r hostname="${1:?missing hostname}" - - # Define Magento base URLs (without port if not needed) - local magento_http_base_url="http://${hostname}" - [[ "$MAGENTO_EXTERNAL_HTTP_PORT_NUMBER" != "80" ]] && magento_http_base_url+=":${MAGENTO_EXTERNAL_HTTP_PORT_NUMBER}" - magento_https_base_url="https://${hostname}" - [[ "$MAGENTO_EXTERNAL_HTTPS_PORT_NUMBER" != "443" ]] && magento_https_base_url+=":${MAGENTO_EXTERNAL_HTTPS_PORT_NUMBER}" - - # Magento requires the trailing slash ('/') to be added, or it will fail with 'Invalid Base URL. Value must be a URL or (...)' - magento_conf_set "web/secure/base_url" "${magento_https_base_url}/" - magento_conf_set "web/unsecure/base_url" "${magento_http_base_url}/" -} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh deleted file mode 100644 index fc8e6ee12d28..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ /dev/null @@ -1,1094 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in MYSQL_CLIENT_* environment variables -# Globals: -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_validate() { - info "Validating settings in MYSQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Only validate environment variables if any action needs to be performed - check_yes_no_value "MYSQL_CLIENT_ENABLE_SSL_WRAPPER" - check_multi_value "MYSQL_CLIENT_FLAVOR" "mariadb mysql" - - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && [[ -z "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - if [[ "${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ "${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_initialize() { - # Wrap binary to force the usage of SSL - if is_boolean_yes "$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"; then - mysql_client_wrap_binary_for_ssl - fi - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Trying to connect to the database server" - check_mysql_connection() { - echo "SELECT 1" | mysql_execute "mysql" "$MYSQL_CLIENT_DATABASE_ROOT_USER" "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" "-h" "$MYSQL_CLIENT_DATABASE_HOST" "-P" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]]; then - info "Creating database user ${MYSQL_CLIENT_CREATE_DATABASE_USER}" - local -a args=("$MYSQL_CLIENT_CREATE_DATABASE_USER" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD") - [[ -n "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" ]] && args+=("--auth-plugin" "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN") - mysql_ensure_optional_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Creating database ${MYSQL_CLIENT_CREATE_DATABASE_NAME}" - local -a createdb_args=("$MYSQL_CLIENT_CREATE_DATABASE_NAME" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && createdb_args+=("-u" "$MYSQL_CLIENT_CREATE_DATABASE_USER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" ]] && createdb_args+=("--character-set" "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" ]] && createdb_args+=("--collate" "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" ]] && createdb_args+=("--privileges" "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES") - mysql_ensure_optional_database_exists "${createdb_args[@]}" - fi -} - -######################## -# Wrap binary to force the usage of SSL -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_wrap_binary_for_ssl() { - local wrapper_file="${DB_BIN_DIR}/mysql" - # In MySQL Client 10.6, mysql is a link to the mariadb binary - if [[ -f "${DB_BIN_DIR}/mariadb" ]]; then - wrapper_file="${DB_BIN_DIR}/mariadb" - fi - local -r wrapped_binary_file="${DB_BASE_DIR}/.bin/mysql" - local -a ssl_opts=() - read -r -a ssl_opts <<<"$(mysql_client_extra_opts)" - - mv "$wrapper_file" "$wrapped_binary_file" - cat >"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null - wait - exit $? -} -trap _forwardTerm TERM - -# Start cron -if am_i_root; then - info "** Starting cron **" - if ! cron_start; then - error "Failed to start cron. Check that it is installed and its configuration is correct." - exit 1 - fi -else - warn "Cron will not be started because of running as a non-root user" -fi - -# Start Apache -if [[ -f "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then - exec "/opt/bitnami/scripts/nginx-php-fpm/run.sh" -else - exec "/opt/bitnami/scripts/$(web_server_type)/run.sh" -fi diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/setup.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/setup.sh deleted file mode 100755 index 1eac89e92a21..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/setup.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Magento environment -. /opt/bitnami/scripts/magento-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute' (after 'magento-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load PHP environment for cron configuration (after 'magento-env.sh' so that MODULE is not set to a wrong value) -. /opt/bitnami/scripts/php-env.sh - -# Load libraries -. /opt/bitnami/scripts/libmagento.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Magento environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -# Ensure Magento environment variables are valid -magento_validate - -# Update web server configuration with runtime environment (needs to happen before the initialization) -web_server_update_app_configuration "magento" - -# Ensure Magento is initialized -magento_initialize diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/updatehost.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/updatehost.sh deleted file mode 100755 index 882dc982ca3b..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/magento/updatehost.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Magento environment -. /opt/bitnami/scripts/magento-env.sh - -# Load libraries -. /opt/bitnami/scripts/libmagento.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Magento environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -magento_update_hostname "$@" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh deleted file mode 100644 index 5220ed4ea36d..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mysql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mysql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mysql_env_vars=( - MYSQL_CLIENT_FLAVOR - ALLOW_EMPTY_PASSWORD - MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN - MYSQL_CLIENT_DATABASE_HOST - MYSQL_CLIENT_DATABASE_PORT_NUMBER - MYSQL_CLIENT_DATABASE_ROOT_USER - MYSQL_CLIENT_DATABASE_ROOT_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_NAME - MYSQL_CLIENT_CREATE_DATABASE_USER - MYSQL_CLIENT_CREATE_DATABASE_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET - MYSQL_CLIENT_CREATE_DATABASE_COLLATE - MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES - MYSQL_CLIENT_ENABLE_SSL_WRAPPER - MYSQL_CLIENT_ENABLE_SSL - MYSQL_CLIENT_SSL_CA_FILE - MYSQL_CLIENT_SSL_CERT_FILE - MYSQL_CLIENT_SSL_KEY_FILE - MYSQL_CLIENT_EXTRA_FLAGS - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_HOST - MARIADB_PORT_NUMBER - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD -) -for env_var in "${mysql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mysql_env_vars -export MYSQL_CLIENT_FLAVOR="${MYSQL_CLIENT_FLAVOR:-mariadb}" -export DB_FLAVOR="$MYSQL_CLIENT_FLAVOR" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mysql" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mysql" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/bin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# MySQL client configuration -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-"${MARIADB_AUTHENTICATION_PLUGIN:-}"}" -export MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" -MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-"${MARIADB_HOST:-}"}" -export MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-mariadb}" -export DB_HOST="$MYSQL_CLIENT_DATABASE_HOST" -MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}" -export MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-3306}" -export DB_PORT_NUMBER="$MYSQL_CLIENT_DATABASE_PORT_NUMBER" -MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-"${MARIADB_ROOT_USER:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-root}" -export DB_ROOT_USER="$MYSQL_CLIENT_DATABASE_ROOT_USER" # only used during the first initialization -MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-"${MARIADB_ROOT_PASSWORD:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_NAME="${MYSQL_CLIENT_CREATE_DATABASE_NAME:-}" -export DB_CREATE_DATABASE_NAME="$MYSQL_CLIENT_CREATE_DATABASE_NAME" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_USER="${MYSQL_CLIENT_CREATE_DATABASE_USER:-}" -export DB_CREATE_DATABASE_USER="$MYSQL_CLIENT_CREATE_DATABASE_USER" -export MYSQL_CLIENT_CREATE_DATABASE_PASSWORD="${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" -export DB_CREATE_DATABASE_PASSWORD="$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" -export MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET="${MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET:-}" -export DB_CREATE_DATABASE_CHARACTER_SET="$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" -export MYSQL_CLIENT_CREATE_DATABASE_COLLATE="${MYSQL_CLIENT_CREATE_DATABASE_COLLATE:-}" -export DB_CREATE_DATABASE_COLLATE="$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" -export MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES="${MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES:-}" -export DB_CREATE_DATABASE_PRIVILEGES="$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" -export MYSQL_CLIENT_ENABLE_SSL_WRAPPER="${MYSQL_CLIENT_ENABLE_SSL_WRAPPER:-no}" -export DB_ENABLE_SSL_WRAPPER="$MYSQL_CLIENT_ENABLE_SSL_WRAPPER" -export MYSQL_CLIENT_ENABLE_SSL="${MYSQL_CLIENT_ENABLE_SSL:-no}" -export DB_ENABLE_SSL="$MYSQL_CLIENT_ENABLE_SSL" -export MYSQL_CLIENT_SSL_CA_FILE="${MYSQL_CLIENT_SSL_CA_FILE:-}" -export DB_SSL_CA_FILE="$MYSQL_CLIENT_SSL_CA_FILE" -export MYSQL_CLIENT_SSL_CERT_FILE="${MYSQL_CLIENT_SSL_CERT_FILE:-}" -export DB_SSL_CERT_FILE="$MYSQL_CLIENT_SSL_CERT_FILE" -export MYSQL_CLIENT_SSL_KEY_FILE="${MYSQL_CLIENT_SSL_KEY_FILE:-}" -export DB_SSL_KEY_FILE="$MYSQL_CLIENT_SSL_KEY_FILE" -export MYSQL_CLIENT_EXTRA_FLAGS="${MYSQL_CLIENT_EXTRA_FLAGS:-no}" -export DB_EXTRA_FLAGS="$MYSQL_CLIENT_EXTRA_FLAGS" - -# Custom environment variables may be defined below diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh deleted file mode 100755 index 79ec6ad52f2d..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -for dir in "$DB_BIN_DIR" "${DB_BASE_DIR}/.bin"; do - ensure_dir_exists "$dir" - chmod g+rwX "$dir" -done diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh deleted file mode 100755 index 13a2e13861ab..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmysqlclient.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -# Ensure MySQL Client environment variables settings are valid -mysql_client_validate -# Ensure MySQL Client is initialized -mysql_client_initialize diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php-env.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php-env.sh deleted file mode 100644 index 97043106ecb5..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php-env.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for php - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-php}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -php_env_vars=( - PHP_FPM_LISTEN_ADDRESS - PHP_DATE_TIMEZONE - PHP_ENABLE_OPCACHE - PHP_MAX_EXECUTION_TIME - PHP_MAX_INPUT_TIME - PHP_MAX_INPUT_VARS - PHP_MEMORY_LIMIT - PHP_POST_MAX_SIZE - PHP_UPLOAD_MAX_FILESIZE - PHP_OPCACHE_ENABLED -) -for env_var in "${php_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset php_env_vars - -# Paths -export PHP_BASE_DIR="${BITNAMI_ROOT_DIR}/php" -export PHP_BIN_DIR="${PHP_BASE_DIR}/bin" -export PHP_CONF_DIR="${PHP_BASE_DIR}/etc" -export PHP_TMP_DIR="${PHP_BASE_DIR}/var/run" -export PHP_CONF_FILE="${PHP_CONF_DIR}/php.ini" - -# PHP default build-time configuration -export PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER="16" # only used at build time -export PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION="192" # only used at build time -export PHP_DEFAULT_OPCACHE_FILE_CACHE="${PHP_TMP_DIR}/opcache_file" # only used at build time - -# PHP-FPM configuration -export PHP_FPM_SBIN_DIR="${PHP_BASE_DIR}/sbin" -export PHP_FPM_LOGS_DIR="${PHP_BASE_DIR}/logs" -export PHP_FPM_LOG_FILE="${PHP_FPM_LOGS_DIR}/php-fpm.log" -export PHP_FPM_CONF_FILE="${PHP_CONF_DIR}/php-fpm.conf" -export PHP_FPM_PID_FILE="${PHP_TMP_DIR}/php-fpm.pid" -export PHP_FPM_DEFAULT_LISTEN_ADDRESS="${PHP_TMP_DIR}/www.sock" # only used at build time -export PHP_FPM_LISTEN_ADDRESS="${PHP_FPM_LISTEN_ADDRESS:-}" -export PATH="${PHP_FPM_SBIN_DIR}:${PHP_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export PHP_FPM_DAEMON_USER="daemon" -export PHP_FPM_DAEMON_GROUP="daemon" - -# PHP configuration -export PHP_DATE_TIMEZONE="${PHP_DATE_TIMEZONE:-}" -PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-"${PHP_OPCACHE_ENABLED:-}"}" -export PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-}" -export PHP_EXPOSE_PHP="0" -export PHP_MAX_EXECUTION_TIME="${PHP_MAX_EXECUTION_TIME:-}" -export PHP_MAX_INPUT_TIME="${PHP_MAX_INPUT_TIME:-}" -export PHP_MAX_INPUT_VARS="${PHP_MAX_INPUT_VARS:-}" -export PHP_MEMORY_LIMIT="${PHP_MEMORY_LIMIT:-}" -export PHP_POST_MAX_SIZE="${PHP_POST_MAX_SIZE:-}" -export PHP_UPLOAD_MAX_FILESIZE="${PHP_UPLOAD_MAX_FILESIZE:-}" -export PHP_OUTPUT_BUFFERING="8196" - -# Custom environment variables may be defined below diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh deleted file mode 100755 index 9a8b9fe2bcd9..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -# PHP OPcache optimizations -php_conf_set "opcache.interned_strings_buffer" "$PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER" -php_conf_set "opcache.memory_consumption" "$PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION" -php_conf_set "opcache.file_cache" "$PHP_DEFAULT_OPCACHE_FILE_CACHE" - -# PHP-FPM configuration -php_conf_set "listen" "$PHP_FPM_DEFAULT_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - -# TMP dir configuration -php_conf_set "upload_tmp_dir" "${PHP_BASE_DIR}/tmp" -php_conf_set "session.save_path" "${PHP_TMP_DIR}/session" - -# Ensure directories used by PHP-FPM exist and have proper ownership and permissions -for dir in "$PHP_CONF_DIR" "${PHP_BASE_DIR}/tmp" "$PHP_TMP_DIR" "$PHP_FPM_LOGS_DIR" "${PHP_TMP_DIR}/session"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -info "Disabling PHP-FPM daemon user/group configuration" -mv "${PHP_CONF_DIR}/common.conf" "${PHP_CONF_DIR}/common.conf.disabled" -touch "${PHP_CONF_DIR}/common.conf" - -# Log to stdout/stderr for easy debugging -ln -sf "/dev/stdout" "$PHP_FPM_LOG_FILE" -php_conf_set "error_log" "/dev/stderr" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh deleted file mode 100755 index 4721f1b41abd..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load PHP-FPM environment -. /opt/bitnami/scripts/php-env.sh - -# Load web server environment and functions -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -error_code=0 - -if is_php_fpm_enabled; then - if is_php_fpm_not_running; then - error "php-fpm is not running" - error_code=1 - else - info "** Reloading PHP-FPM configuration **" - php_fpm_reload - fi -else - web_server_reload -fi - -exit "$error_code" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh deleted file mode 100755 index 14587e2006d7..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -/opt/bitnami/scripts/php/stop.sh -/opt/bitnami/scripts/php/start.sh diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/run.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/run.sh deleted file mode 100755 index f8fe567bef51..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/run.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -info "** Starting PHP-FPM **" -declare -a args=("--pid" "$PHP_FPM_PID_FILE" "--fpm-config" "$PHP_FPM_CONF_FILE" "-c" "$PHP_CONF_DIR" "-F") -exec "${PHP_FPM_SBIN_DIR}/php-fpm" "${args[@]}" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh deleted file mode 100755 index 7cb7d21fc5a3..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -# Ensure PHP-FPM daemon user exists and required folder belongs to this user when running as 'root' -if am_i_root; then - ensure_user_exists "$PHP_FPM_DAEMON_USER" --group "$PHP_FPM_DAEMON_GROUP" - ensure_dir_exists "$PHP_TMP_DIR" - chown -R "${PHP_FPM_DAEMON_USER}:${PHP_FPM_DAEMON_GROUP}" "$PHP_TMP_DIR" - # Enable daemon configuration - if [[ ! -f "${PHP_CONF_DIR}/common.conf" ]]; then - cp "${PHP_CONF_DIR}/common.conf.disabled" "${PHP_CONF_DIR}/common.conf" - fi -fi - -php_initialize - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/start.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/start.sh deleted file mode 100755 index bb9dfd15fc86..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_not_running; then - nohup /opt/bitnami/scripts/php/run.sh >/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/magento/2/debian-11/rootfs/post-init.d/php.sh b/bitnami/magento/2/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/magento/2/debian-11/rootfs/post-init.d/shell.sh b/bitnami/magento/2/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/magento/2/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/magento/2/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/magento/2/debian-11/rootfs/post-init.sh b/bitnami/magento/2/debian-11/rootfs/post-init.sh deleted file mode 100755 index e8dc4689d0ac..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/magento/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/magento/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/magento" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/magento/.user_scripts_initialized" -fi diff --git a/bitnami/magento/2/debian-11/tags-info.yaml b/bitnami/magento/2/debian-11/tags-info.yaml deleted file mode 100644 index ef79ef91b5e7..000000000000 --- a/bitnami/magento/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.4.6 -- latest diff --git a/bitnami/mariadb-galera/10.11/debian-11/Dockerfile b/bitnami/mariadb-galera/10.11/debian-11/Dockerfile deleted file mode 100644 index a4f1da2d3c99..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:17:15Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.11.7-debian-11-r15" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.11.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="10.11.7" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/10.11/debian-11/docker-compose.yml b/bitnami/mariadb-galera/10.11/debian-11/docker-compose.yml deleted file mode 100644 index 1b8830fd229f..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:10.11 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b67b062c0a43..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index ce45c70c5cdd..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nfr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/10.11/debian-11/tags-info.yaml b/bitnami/mariadb-galera/10.11/debian-11/tags-info.yaml deleted file mode 100644 index 93f63728d1a3..000000000000 --- a/bitnami/mariadb-galera/10.11/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.11" -- 10.11-debian-11 -- 10.11.7 diff --git a/bitnami/mariadb-galera/10.4/debian-11/Dockerfile b/bitnami/mariadb-galera/10.4/debian-11/Dockerfile deleted file mode 100644 index 598371d9d95d..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:04:21Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.4.33-debian-11-r16" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.4.33" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libjemalloc2 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-10.4.33-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="10.4.33" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/10.4/debian-11/docker-compose.yml b/bitnami/mariadb-galera/10.4/debian-11/docker-compose.yml deleted file mode 100644 index 6e862f3a1741..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:10.4 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index cc2e1e268072..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.4.33-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index fc345ddf26ef..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/10.4/debian-11/tags-info.yaml b/bitnami/mariadb-galera/10.4/debian-11/tags-info.yaml deleted file mode 100644 index b3f7e7ef04f9..000000000000 --- a/bitnami/mariadb-galera/10.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.4" -- 10.4-debian-11 -- 10.4.33 diff --git a/bitnami/mariadb-galera/10.5/debian-11/Dockerfile b/bitnami/mariadb-galera/10.5/debian-11/Dockerfile deleted file mode 100644 index 7f646af9ff02..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:03:38Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.5.24-debian-11-r16" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.5.24" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-10.5.24-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="10.5.24" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/10.5/debian-11/docker-compose.yml b/bitnami/mariadb-galera/10.5/debian-11/docker-compose.yml deleted file mode 100644 index 75a6703388e6..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:10.5 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0857013fbbfe..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.5.24-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index fc345ddf26ef..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/10.5/debian-11/tags-info.yaml b/bitnami/mariadb-galera/10.5/debian-11/tags-info.yaml deleted file mode 100644 index 22135cf0a61b..000000000000 --- a/bitnami/mariadb-galera/10.5/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.5" -- 10.5-debian-11 -- 10.5.24 diff --git a/bitnami/mariadb-galera/10.6/debian-11/Dockerfile b/bitnami/mariadb-galera/10.6/debian-11/Dockerfile deleted file mode 100644 index b3a920f71d9e..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:03:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.6.17-debian-11-r16" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.6.17" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-10.6.17-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="10.6.17" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/10.6/debian-11/docker-compose.yml b/bitnami/mariadb-galera/10.6/debian-11/docker-compose.yml deleted file mode 100644 index 3b31c74495a5..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:10.6 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 794dcb93100f..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.6.17-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index fc345ddf26ef..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/10.6/debian-11/tags-info.yaml b/bitnami/mariadb-galera/10.6/debian-11/tags-info.yaml deleted file mode 100644 index 962233c0df13..000000000000 --- a/bitnami/mariadb-galera/10.6/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.6" -- 10.6-debian-11 -- 10.6.17 diff --git a/bitnami/mariadb-galera/11.0/debian-11/Dockerfile b/bitnami/mariadb-galera/11.0/debian-11/Dockerfile deleted file mode 100644 index 60438d18ae7c..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:31:22Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.0.5-debian-11-r14" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.0.5" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-11.0.5-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="11.0.5" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/11.0/debian-11/docker-compose.yml b/bitnami/mariadb-galera/11.0/debian-11/docker-compose.yml deleted file mode 100644 index 601dc9238bb7..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:11.0 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f5a0dfc15d15..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.5-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index ce45c70c5cdd..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nfr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/11.0/debian-11/tags-info.yaml b/bitnami/mariadb-galera/11.0/debian-11/tags-info.yaml deleted file mode 100644 index 80ca1c948e38..000000000000 --- a/bitnami/mariadb-galera/11.0/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "11.0" -- 11.0-debian-11 -- 11.0.5 diff --git a/bitnami/mariadb-galera/11.1/debian-11/Dockerfile b/bitnami/mariadb-galera/11.1/debian-11/Dockerfile deleted file mode 100644 index c602858c5bb0..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:04:41Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.1.4-debian-11-r16" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.1.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-11.1.4-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="11.1.4" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/11.1/debian-11/docker-compose.yml b/bitnami/mariadb-galera/11.1/debian-11/docker-compose.yml deleted file mode 100644 index fd46ccbb5719..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:11.1 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 4bcff567abba..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.1.4-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index fc345ddf26ef..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/11.1/debian-11/tags-info.yaml b/bitnami/mariadb-galera/11.1/debian-11/tags-info.yaml deleted file mode 100644 index 5ea1cc231d99..000000000000 --- a/bitnami/mariadb-galera/11.1/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "11.1" -- 11.1-debian-11 -- 11.1.4 diff --git a/bitnami/mariadb-galera/11.2/debian-11/Dockerfile b/bitnami/mariadb-galera/11.2/debian-11/Dockerfile deleted file mode 100644 index b10cb4858c99..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:35:59Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.2.3-debian-11-r16" \ - org.opencontainers.image.title="mariadb-galera" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.2.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl iproute2 ldap-utils libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libldap-common liblzma5 libncurses6 libpam-ldapd libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 nslcd procps psmisc rsync socat zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-galera-11.2.3-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb-galera/postunpack.sh -ENV APP_VERSION="11.2.3" \ - BITNAMI_APP_NAME="mariadb-galera" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 4444 4567 4568 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb-galera/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb-galera/run.sh" ] diff --git a/bitnami/mariadb-galera/11.2/debian-11/docker-compose.yml b/bitnami/mariadb-galera/11.2/debian-11/docker-compose.yml deleted file mode 100644 index 45ab9c377311..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/docker-compose.yml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb-galera: - image: docker.io/bitnami/mariadb-galera:11.2 - ports: - - '3306:3306' - - '4444:4444' - - '4567:4567' - - '4568:4568' - volumes: - - 'mariadb_galera_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_GALERA_CLUSTER_ADDRESS=gcomm:// - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb-galera/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_galera_data: - driver: local diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index c0dad51195a6..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb-galera": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.2.3-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh deleted file mode 100644 index 3ab5431883a1..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/libldapclient.sh +++ /dev/null @@ -1,222 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami LDAP library - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -######################## -# Loads global variables used on LDAP configuration. -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -ldap_env() { - cat <<"EOF" -export LDAP_NSLCD_USER="nslcd" -export LDAP_URI="${LDAP_URI:-}" -export LDAP_BASE="${LDAP_BASE:-}" -export LDAP_BIND_DN="${LDAP_BIND_DN:-}" -export LDAP_BIND_PASSWORD="${LDAP_BIND_PASSWORD:-}" -export LDAP_BASE_LOOKUP="${LDAP_BASE_LOOKUP:-}" -export LDAP_NSS_INITGROUPS_IGNOREUSERS="${LDAP_NSS_INITGROUPS_IGNOREUSERS:-root,nslcd}" -export LDAP_SCOPE="${LDAP_SCOPE:-}" -export LDAP_TLS_REQCERT="${LDAP_TLS_REQCERT:-}" -export LDAP_SEARCH_FILTER="${LDAP_SEARCH_FILTER:-}" -export LDAP_SEARCH_MAP="${LDAP_SEARCH_MAP:-}" - -EOF - if [[ "$OS_FLAVOUR" =~ ^debian-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="nslcd" -EOF - elif [[ "$OS_FLAVOUR" =~ ^(photon)-.*$ ]]; then - cat <<"EOF" -export LDAP_NSLCD_GROUP="ldap" -EOF - fi -} - -######################## -# Return LDAP config file path depending on distro -# Globals: -# OS_FLAVOUR -# Arguments: -# None -# Returns: -# (String) LDAP config file path -######################### -ldap_openldap_config_path() { - local openldap_config - case "$OS_FLAVOUR" in - debian-* | ubuntu-*) openldap_config=/etc/ldap/ldap.conf ;; - photon-* | redhatubi-*) openldap_config=/etc/openldap/ldap.conf ;; - *) error "Unsupported OS flavor ${OS_FLAVOUR}" && exit 1 ;; - esac - echo "$openldap_config" -} - -######################## -# Configure LDAP permissions (to be used at postunpack leve). -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_configure_permissions() { - ensure_dir_exists "/var/run/nslcd" && configure_permissions_ownership "/var/run/nslcd" -u "root" -g "root" -d "775" - # The nslcd.conf file may not exist in distros like UBI, so we need to create it first - touch "/etc/nslcd.conf" - configure_permissions_ownership "/etc/nslcd.conf" -u "root" -g "root" -f "660" - configure_permissions_ownership "$(ldap_openldap_config_path)" -u "root" -g "root" -f "660" -} - -######################## -# Create nslcd.conf file -# Globals: -# LDAP_* -# Arguments: -# None -# Returns: -# None -######################### -ldap_create_nslcd_config() { - if am_i_root; then - chown "root:${LDAP_NSLCD_GROUP}" "/etc/nslcd.conf" - chown -R "${LDAP_NSLCD_USER}:${LDAP_NSLCD_GROUP}" "/var/run/nslcd" - cat >"/etc/nslcd.conf" <"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"/etc/nslcd.conf" <>"$(ldap_openldap_config_path)" <"/etc/pam.d/${filename}" < 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]]; then - if is_boolean_yes "$DB_ENABLE_LDAP" && [[ -n "$DB_PASSWORD" ]]; then - warn "You enabled LDAP authentication. '$DB_USER' user will be authentication using LDAP, the password set at the environment variable $(get_env_var PASSWORD) will be ignored" - elif ! is_boolean_yes "$DB_ENABLE_LDAP" && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - fi - - if [[ -n "$DB_GALERA_FORCE_SAFETOBOOTSTRAP" ]] && ! is_yes_no_value "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - print_validation_error "The allowed values for $(get_env_var GALERA_FORCE_SAFETOBOOTSTRAP) are yes or no." - fi - - if [[ -z "$DB_GALERA_CLUSTER_NAME" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_NAME)." - fi - - if [[ -z "$(get_galera_cluster_address_value)" ]]; then - print_validation_error "Galera cluster cannot be created without setting the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS). If you are bootstrapping a new Galera cluster, set the environment variable $(get_env_var GALERA_CLUSTER_ADDRESS)=yes." - fi - - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - - if is_boolean_yes "$DB_ENABLE_LDAP" && { [[ -z "${LDAP_URI}" ]] || [[ -z "${LDAP_BASE}" ]] || [[ -z "${LDAP_BIND_DN}" ]] || [[ -z "${LDAP_BIND_PASSWORD}" ]]; }; then - print_validation_error "The LDAP configuration is required when LDAP authentication is enabled. Set the environment variables LDAP_URI, LDAP_BASE, LDAP_BIND_DN and LDAP_BIND_PASSWORD with the LDAP configuration." - fi - - if is_boolean_yes "$DB_ENABLE_TLS"; then - if [[ -z "${DB_TLS_CERT_FILE}" ]] || [[ -z "${DB_TLS_KEY_FILE}" ]] || [[ -z "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS cert file, key and CA are required when TLS is enabled. Set the environment variables TLS_CERT_FILE, TLS_KEY_FILE and TLS_CA_FILE with the path to each file." - fi - if [[ ! -f "${DB_TLS_CERT_FILE}" ]]; then - print_validation_error "The TLS_CERT file ${DB_TLS_CERT_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_KEY_FILE}" ]]; then - print_validation_error "The TLS_KEY file ${DB_TLS_KEY_FILE} must exist." - fi - if [[ ! -f "${DB_TLS_CA_FILE}" ]]; then - print_validation_error "The TLS_CA file ${DB_TLS_CA_FILE} must exist." - fi - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Persisted data detected. Restoring" - - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - if is_boolean_yes "$DB_GALERA_FORCE_SAFETOBOOTSTRAP"; then - set_safe_to_bootstrap - fi - if ! is_safe_to_bootstrap; then - error "It is not safe to bootstrap form this node ('safe_to_bootstrap=0' is set in 'grastate.dat'). If you want to force bootstrap, set the environment variable MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP=yes" - exit 1 - fi - fi - - return - else - # initialization should not be performed on non-primary nodes of a galera cluster - if is_boolean_yes "$(get_galera_cluster_bootstrap_value)"; then - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - mysql_install_db - mysql_start_bg - debug "Deleting all users to avoid issues with galera configuration" - mysql_execute "mysql" </dev/null - hostname - fi -} - -######################## -# Check for user override of wsrep_node_address -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# String with node address -######################### -get_node_address() { - if [[ -n "$DB_GALERA_NODE_ADDRESS" ]]; then - echo "$DB_GALERA_NODE_ADDRESS" - else - # In some environments, the network may not be fully set up when starting the initialization - # So, to avoid issues, we retry the 'hostname' command until it succeeds (for a few minutes) - local -r retries="60" - local -r seconds="5" - retry_while "hostname -i" "$retries" "$seconds" >/dev/null - # prefer IPv6 over IPv4 if available - # This works by pulling any IPv4 addresses encountered into hold space and emitting it only when the EOF line is encountered - printf '%s\nEOF' "$(hostname -i | tr ' ' '\n')" | sed '/:/{;q;};/^EOF$/{;g;q;};h;d' - fi -} - -######################## -# Starts MySQL/MariaDB in the background and waits until it's ready -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_start_bg() { - local -a flags=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") - - # Only allow local connections until MySQL is fully initialized, to avoid apps trying to connect to MySQL before it is fully initialized - flags+=("--bind-address=127.0.0.1") - - # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable - read -r -a db_extra_flags <<< "$(mysql_extra_flags)" - [[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - - # Do not start as root, to avoid permission issues - am_i_root && flags+=("--user=${DB_DAEMON_USER}") - - # The slave should only start in 'run.sh', elseways user credentials would be needed for any connection - flags+=("--skip-slave-start") - flags+=("$@") - - is_mysql_running && return - - info "Starting $DB_FLAVOR in background" - debug_execute "${DB_SBIN_DIR}/mysqld" "${flags[@]}" & - - # we cannot use wait_for_mysql_access here as mysql_upgrade for MySQL >=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Wait for WSREP to be ready. If WSREP is not ready, we cannot do any transactions, thus cannot - # create any users, and WSREP instantly kills MariaDB if doing so - wait_for_wsrep - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -######################## -# Wait for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# None -######################## -wait_for_wsrep() { - local -r retries=300 - local -r sleep_time=2 - if ! retry_while is_wsrep_ready "$retries" "$sleep_time"; then - error "WSREP did not become ready" - return 1 - fi -} - -######################## -# Checks for WSREP to be ready to do transactions -# Arguments: -# None -# Returns: -# Boolean -######################## -is_wsrep_ready() { - debug "Checking if WSREP is ready" - is_ready="$(mysql_execute_print_output "mysql" "root" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 8f8b893a268c..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,261 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - MARIADB_GALERA_CONF_DIR - MARIADB_GALERA_MOUNTED_CONF_DIR - MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP - MARIADB_GALERA_CLUSTER_BOOTSTRAP - MARIADB_GALERA_CLUSTER_ADDRESS - MARIADB_GALERA_CLUSTER_NAME - MARIADB_GALERA_NODE_NAME - MARIADB_GALERA_NODE_ADDRESS - MARIADB_GALERA_SST_METHOD - MARIADB_GALERA_MARIABACKUP_USER - MARIADB_GALERA_MARIABACKUP_PASSWORD - MARIADB_ENABLE_LDAP - MARIADB_ENABLE_TLS - MARIADB_TLS_CERT_FILE - MARIADB_TLS_KEY_FILE - MARIADB_TLS_CA_FILE - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB Galera authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Galera paths -export MARIADB_GALERA_GRASTATE_FILE="${DB_DATA_DIR}/grastate.dat" -export DB_GALERA_GRASTATE_FILE="$MARIADB_GALERA_GRASTATE_FILE" -export MARIADB_GALERA_BOOTSTRAP_DIR="${DB_VOLUME_DIR}/.bootstrap" -export DB_GALERA_BOOTSTRAP_DIR="$MARIADB_GALERA_BOOTSTRAP_DIR" -export MARIADB_GALERA_BOOTSTRAP_FILE="${DB_GALERA_BOOTSTRAP_DIR}/done" -export DB_GALERA_BOOTSTRAP_FILE="$MARIADB_GALERA_BOOTSTRAP_FILE" - -# Galera build-time defaults for cluster configuration -export MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS="gcomm://" -export DB_GALERA_DEFAULT_CLUSTER_ADDRESS="$MARIADB_GALERA_DEFAULT_CLUSTER_ADDRESS" -export MARIADB_GALERA_DEFAULT_CLUSTER_NAME="galera" -export DB_GALERA_DEFAULT_CLUSTER_NAME="$MARIADB_GALERA_DEFAULT_CLUSTER_NAME" -export MARIADB_GALERA_DEFAULT_NODE_NAME="" -export DB_GALERA_DEFAULT_NODE_NAME="$MARIADB_GALERA_DEFAULT_NODE_NAME" -export MARIADB_GALERA_DEFAULT_NODE_ADDRESS="" -export DB_GALERA_DEFAULT_NODE_ADDRESS="$MARIADB_GALERA_DEFAULT_NODE_ADDRESS" -export MARIADB_GALERA_DEFAULT_SST_METHOD="mariabackup" -export DB_GALERA_DEFAULT_SST_METHOD="$MARIADB_GALERA_DEFAULT_SST_METHOD" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_USER="mariabackup" -export DB_GALERA_DEFAULT_MARIABACKUP_USER="$MARIADB_GALERA_DEFAULT_MARIABACKUP_USER" -export MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="" -export DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD="$MARIADB_GALERA_DEFAULT_MARIABACKUP_PASSWORD" - -# Galera cluster configuration. -export MARIADB_GALERA_CONF_DIR="${MARIADB_GALERA_CONF_DIR:-/opt/bitnami/mariadb/conf}" -export DB_GALERA_CONF_DIR="$MARIADB_GALERA_CONF_DIR" -export MARIADB_GALERA_MOUNTED_CONF_DIR="${MARIADB_GALERA_MOUNTED_CONF_DIR:-/bitnami/conf}" -export DB_GALERA_MOUNTED_CONF_DIR="$MARIADB_GALERA_MOUNTED_CONF_DIR" -export MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP="${MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP:-}" -export DB_GALERA_FORCE_SAFETOBOOTSTRAP="$MARIADB_GALERA_FORCE_SAFETOBOOTSTRAP" -export MARIADB_GALERA_CLUSTER_BOOTSTRAP="${MARIADB_GALERA_CLUSTER_BOOTSTRAP:-}" -export DB_GALERA_CLUSTER_BOOTSTRAP="$MARIADB_GALERA_CLUSTER_BOOTSTRAP" -export MARIADB_GALERA_CLUSTER_ADDRESS="${MARIADB_GALERA_CLUSTER_ADDRESS:-}" -export DB_GALERA_CLUSTER_ADDRESS="$MARIADB_GALERA_CLUSTER_ADDRESS" -export MARIADB_GALERA_CLUSTER_NAME="${MARIADB_GALERA_CLUSTER_NAME:-$DB_GALERA_DEFAULT_CLUSTER_NAME}" -export DB_GALERA_CLUSTER_NAME="$MARIADB_GALERA_CLUSTER_NAME" -export MARIADB_GALERA_NODE_NAME="${MARIADB_GALERA_NODE_NAME:-}" -export DB_GALERA_NODE_NAME="$MARIADB_GALERA_NODE_NAME" -export MARIADB_GALERA_NODE_ADDRESS="${MARIADB_GALERA_NODE_ADDRESS:-}" -export DB_GALERA_NODE_ADDRESS="$MARIADB_GALERA_NODE_ADDRESS" -export MARIADB_GALERA_SST_METHOD="${MARIADB_GALERA_SST_METHOD:-$DB_GALERA_DEFAULT_SST_METHOD}" -export DB_GALERA_SST_METHOD="$MARIADB_GALERA_SST_METHOD" -export MARIADB_GALERA_MARIABACKUP_USER="${MARIADB_GALERA_MARIABACKUP_USER:-$DB_GALERA_DEFAULT_MARIABACKUP_USER}" -export DB_GALERA_MARIABACKUP_USER="$MARIADB_GALERA_MARIABACKUP_USER" -export MARIADB_GALERA_MARIABACKUP_PASSWORD="${MARIADB_GALERA_MARIABACKUP_PASSWORD:-$DB_GALERA_DEFAULT_MARIABACKUP_PASSWORD}" -export DB_GALERA_MARIABACKUP_PASSWORD="$MARIADB_GALERA_MARIABACKUP_PASSWORD" - -# LDAP -export MARIADB_ENABLE_LDAP="${MARIADB_ENABLE_LDAP:-no}" -export DB_ENABLE_LDAP="$MARIADB_ENABLE_LDAP" - -# SSL/TLS configuration -export MARIADB_ENABLE_TLS="${MARIADB_ENABLE_TLS:-no}" -export DB_ENABLE_TLS="$MARIADB_ENABLE_TLS" -export MARIADB_TLS_CERT_FILE="${MARIADB_TLS_CERT_FILE:-}" -export DB_TLS_CERT_FILE="$MARIADB_TLS_CERT_FILE" -export MARIADB_TLS_KEY_FILE="${MARIADB_TLS_KEY_FILE:-}" -export DB_TLS_KEY_FILE="$MARIADB_TLS_KEY_FILE" -export MARIADB_TLS_CA_FILE="${MARIADB_TLS_CA_FILE:-}" -export DB_TLS_CA_FILE="$MARIADB_TLS_CA_FILE" -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-monitor}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-monitor}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh deleted file mode 100755 index ce45c70c5cdd..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nfr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mariadb-galera/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb-galera/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh deleted file mode 100755 index b7e19b0b6dbf..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh deleted file mode 100755 index 37f744bc9c0a..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/postunpack.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR" "$DB_GALERA_BOOTSTRAP_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# LDAP permissions -ldap_configure_permissions -ldap_create_pam_config "mariadb" - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf /dev/stdout "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh deleted file mode 100755 index 59aecfdba0c4..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/run.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libldapclient.sh -. /opt/bitnami/scripts/libmariadbgalera.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_start_nslcd_bg - -info "** Starting MariaDB **" - -set_previous_boot - -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh b/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh deleted file mode 100755 index 9c9d3cc2cc41..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-galera/setup.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadbgalera.sh -. /opt/bitnami/scripts/libldapclient.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Load LDAP environment variables -eval "$(ldap_env)" - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Ensure 'nslcd' user exists when running as 'root' - ensure_user_exists "$LDAP_NSLCD_USER" --group "$LDAP_NSLCD_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Ensure LDAP is initialized -is_boolean_yes "$DB_ENABLE_LDAP" && ldap_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb-galera/11.2/debian-11/tags-info.yaml b/bitnami/mariadb-galera/11.2/debian-11/tags-info.yaml deleted file mode 100644 index f2eddb7719e1..000000000000 --- a/bitnami/mariadb-galera/11.2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "11.2" -- 11.2-debian-11 -- 11.2.3 -- latest diff --git a/bitnami/mariadb/10.11/debian-11/Dockerfile b/bitnami/mariadb/10.11/debian-11/Dockerfile deleted file mode 100644 index 6da8d21ac1d3..000000000000 --- a/bitnami/mariadb/10.11/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:40:17Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.11.7-debian-11-r14" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.11.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="10.11.7" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/10.11/debian-11/docker-compose.yml b/bitnami/mariadb/10.11/debian-11/docker-compose.yml deleted file mode 100644 index 4bbac1ce8064..000000000000 --- a/bitnami/mariadb/10.11/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:10.11 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 67775e433ddc..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/10.11/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/10.11/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/10.11/debian-11/tags-info.yaml b/bitnami/mariadb/10.11/debian-11/tags-info.yaml deleted file mode 100644 index 93f63728d1a3..000000000000 --- a/bitnami/mariadb/10.11/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.11" -- 10.11-debian-11 -- 10.11.7 diff --git a/bitnami/mariadb/10.4/debian-11/Dockerfile b/bitnami/mariadb/10.4/debian-11/Dockerfile deleted file mode 100644 index cada75bb84e9..000000000000 --- a/bitnami/mariadb/10.4/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:43:48Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.4.33-debian-11-r15" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.4.33" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 libjemalloc2 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-10.4.33-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="10.4.33" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/10.4/debian-11/docker-compose.yml b/bitnami/mariadb/10.4/debian-11/docker-compose.yml deleted file mode 100644 index 2f6029e21cb0..000000000000 --- a/bitnami/mariadb/10.4/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:10.4 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 58824cb28813..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.4.33-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/10.4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/10.4/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/10.4/debian-11/tags-info.yaml b/bitnami/mariadb/10.4/debian-11/tags-info.yaml deleted file mode 100644 index b3f7e7ef04f9..000000000000 --- a/bitnami/mariadb/10.4/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.4" -- 10.4-debian-11 -- 10.4.33 diff --git a/bitnami/mariadb/10.5/debian-11/Dockerfile b/bitnami/mariadb/10.5/debian-11/Dockerfile deleted file mode 100644 index bcc9632ebaed..000000000000 --- a/bitnami/mariadb/10.5/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:47:44Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.5.24-debian-11-r15" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.5.24" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-10.5.24-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="10.5.24" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/10.5/debian-11/docker-compose.yml b/bitnami/mariadb/10.5/debian-11/docker-compose.yml deleted file mode 100644 index a4350e2205fb..000000000000 --- a/bitnami/mariadb/10.5/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:10.5 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 5b9c3e8771c2..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.5.24-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/10.5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/10.5/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/10.5/debian-11/tags-info.yaml b/bitnami/mariadb/10.5/debian-11/tags-info.yaml deleted file mode 100644 index 22135cf0a61b..000000000000 --- a/bitnami/mariadb/10.5/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.5" -- 10.5-debian-11 -- 10.5.24 diff --git a/bitnami/mariadb/10.6/debian-11/Dockerfile b/bitnami/mariadb/10.6/debian-11/Dockerfile deleted file mode 100644 index 5396f88ee4de..000000000000 --- a/bitnami/mariadb/10.6/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:04:29Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="10.6.17-debian-11-r15" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="10.6.17" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-10.6.17-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="10.6.17" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/10.6/debian-11/docker-compose.yml b/bitnami/mariadb/10.6/debian-11/docker-compose.yml deleted file mode 100644 index c5bd850fb50c..000000000000 --- a/bitnami/mariadb/10.6/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:10.6 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 7ba5573688e9..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.6.17-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/10.6/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/10.6/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/10.6/debian-11/tags-info.yaml b/bitnami/mariadb/10.6/debian-11/tags-info.yaml deleted file mode 100644 index 962233c0df13..000000000000 --- a/bitnami/mariadb/10.6/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "10.6" -- 10.6-debian-11 -- 10.6.17 diff --git a/bitnami/mariadb/11.0/debian-11/Dockerfile b/bitnami/mariadb/11.0/debian-11/Dockerfile deleted file mode 100644 index 4c0ef6042e67..000000000000 --- a/bitnami/mariadb/11.0/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:55:07Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.0.5-debian-11-r15" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.0.5" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-11.0.5-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="11.0.5" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/11.0/debian-11/docker-compose.yml b/bitnami/mariadb/11.0/debian-11/docker-compose.yml deleted file mode 100644 index 8442a6a47b8f..000000000000 --- a/bitnami/mariadb/11.0/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:11.0 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6c31d1498f58..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.0.5-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/11.0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/11.0/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/11.0/debian-11/tags-info.yaml b/bitnami/mariadb/11.0/debian-11/tags-info.yaml deleted file mode 100644 index 80ca1c948e38..000000000000 --- a/bitnami/mariadb/11.0/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "11.0" -- 11.0-debian-11 -- 11.0.5 diff --git a/bitnami/mariadb/11.1/debian-11/Dockerfile b/bitnami/mariadb/11.1/debian-11/Dockerfile deleted file mode 100644 index 9bcc18873f67..000000000000 --- a/bitnami/mariadb/11.1/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T10:58:24Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.1.4-debian-11-r14" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.1.4" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-11.1.4-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="11.1.4" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/11.1/debian-11/docker-compose.yml b/bitnami/mariadb/11.1/debian-11/docker-compose.yml deleted file mode 100644 index 9dc55733e030..000000000000 --- a/bitnami/mariadb/11.1/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:11.1 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index e6f644cef4b4..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.1.4-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/11.1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/11.1/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/11.1/debian-11/tags-info.yaml b/bitnami/mariadb/11.1/debian-11/tags-info.yaml deleted file mode 100644 index 5ea1cc231d99..000000000000 --- a/bitnami/mariadb/11.1/debian-11/tags-info.yaml +++ /dev/null @@ -1,4 +0,0 @@ -rolling-tags: -- "11.1" -- 11.1-debian-11 -- 11.1.4 diff --git a/bitnami/mariadb/11.2/debian-11/Dockerfile b/bitnami/mariadb/11.2/debian-11/Dockerfile deleted file mode 100644 index 430a5013b31d..000000000000 --- a/bitnami/mariadb/11.2/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T11:03:13Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="11.2.3-debian-11-r15" \ - org.opencontainers.image.title="mariadb" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="11.2.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libaio1 libaudit1 libcap-ng0 libcrypt1 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps psmisc zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "mariadb-11.2.3-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /docker-entrypoint-initdb.d - -COPY rootfs / -RUN /opt/bitnami/scripts/mariadb/postunpack.sh -ENV APP_VERSION="11.2.3" \ - BITNAMI_APP_NAME="mariadb" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/common/sbin:/opt/bitnami/mariadb/bin:/opt/bitnami/mariadb/sbin:$PATH" - -EXPOSE 3306 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mariadb/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mariadb/run.sh" ] diff --git a/bitnami/mariadb/11.2/debian-11/docker-compose.yml b/bitnami/mariadb/11.2/debian-11/docker-compose.yml deleted file mode 100644 index b25ea307d7f9..000000000000 --- a/bitnami/mariadb/11.2/debian-11/docker-compose.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2.1' - -services: - mariadb: - image: docker.io/bitnami/mariadb:11.2 - ports: - - '3306:3306' - volumes: - - 'mariadb_data:/bitnami/mariadb' - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - healthcheck: - test: ['CMD', '/opt/bitnami/scripts/mariadb/healthcheck.sh'] - interval: 15s - timeout: 5s - retries: 6 - -volumes: - mariadb_data: - driver: local diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6d13af3fa9d3..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "mariadb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.2.3-0" - } -} \ No newline at end of file diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mariadb/11.2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh deleted file mode 100644 index bba902411336..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/libmariadb.sh +++ /dev/null @@ -1,1419 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL library - -# shellcheck disable=SC1090,SC1091,SC2119,SC2120 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libversion.sh - -######################## -# Configure database extra start flags -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Array with extra flags to use -######################### -mysql_extra_flags() { - local randNumber - local -a dbExtraFlags=() - # shellcheck disable=SC2153 - read -r -a userExtraFlags <<< "$DB_EXTRA_FLAGS" - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - randNumber="$(head /dev/urandom | tr -dc 0-9 | head -c 3 ; echo '')" - dbExtraFlags+=("--server-id=$randNumber" "--binlog-format=ROW" "--log-bin=mysql-bin" "--sync-binlog=1") - if [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - dbExtraFlags+=("--relay-log=mysql-relay-bin" "--log-slave-updates=1" "--read-only=1") - if [[ "$DB_FLAVOR" = "mysql" ]]; then - dbExtraFlags+=("--master-info-repository=TABLE" "--relay-log-info-repository=TABLE") - fi - elif [[ "$DB_REPLICATION_MODE" = "master" ]]; then - dbExtraFlags+=("--innodb_flush_log_at_trx_commit=1") - fi - fi - - [[ "${#userExtraFlags[@]}" -eq 0 ]] || dbExtraFlags+=("${userExtraFlags[@]}") - - echo "${dbExtraFlags[@]:-}" -} - -######################## -# Validate settings in MYSQL_*/MARIADB_* environment variables -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_validate() { - info "Validating settings in MYSQL_*/MARIADB_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - if [[ -n "$DB_REPLICATION_MODE" ]]; then - if [[ "$DB_REPLICATION_MODE" = "master" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -n "$DB_REPLICATION_USER" ]] && [[ -z "$DB_REPLICATION_PASSWORD" ]]; then - empty_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if (( ${#DB_ROOT_PASSWORD} > 32 )); then - print_validation_error "The password can not be longer than 32 characters. Set the environment variable $(get_env_var ROOT_PASSWORD) with a shorter value (currently ${#DB_ROOT_PASSWORD} characters)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - elif [[ "$DB_REPLICATION_MODE" = "slave" ]]; then - if [[ -z "$DB_MASTER_HOST" ]]; then - print_validation_error "Slave replication mode chosen without setting the environment variable $(get_env_var MASTER_HOST). Use it to indicate where the Master node is running" - fi - else - print_validation_error "Invalid replication mode. Available options are 'master/slave'" - fi - else - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$DB_ROOT_PASSWORD" ]]; then - empty_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ -z "$DB_PASSWORD" ]]; then - empty_password_error "$(get_env_var PASSWORD)" - fi - fi - fi - if [[ "${DB_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var ROOT_PASSWORD)" - fi - if [[ -n "$DB_USER" ]] && [[ "$DB_USER" = "root" ]]; then - print_validation_error "root user is already created in the database and you can't use it as username for user creation." - fi - if [[ "${DB_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var PASSWORD)" - fi - if [[ "${DB_REPLICATION_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "$(get_env_var REPLICATION_PASSWORD)" - fi - - collation_env_var="$(get_env_var COLLATION)" - is_empty_value "${!collation_env_var:-}" || warn "The usage of '$(get_env_var COLLATION)' is deprecated and will soon be removed. Use '$(get_env_var COLLATE)' instead." - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Creates MySQL/MariaDB configuration file -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_create_default_config() { - debug "Creating main configuration file" - cat > "$DB_CONF_FILE" < "$DUMP_FILE"; then - info "Finish dump database $DB" - info "Ensure database exists $DB" - mysql -u "$DB_MASTER_ROOT_USER" < "${DB_CONF_DIR}/bitnami/my_custom.cnf" - if ! grep --silent "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" "${DB_CONF_FILE}"; then - echo "!include ${DB_CONF_DIR}/bitnami/my_custom.cnf" >> "${DB_CONF_FILE}" - fi - else - warn "Could not inject custom configuration for the ${DB_FLAVOR} configuration file '$DB_CONF_DIR/bitnami/my_custom.cnf' because it is not writable." - fi - fi - - if [[ -e "$DB_DATA_DIR/mysql" ]]; then - info "Using persisted data" - # mysql_upgrade requires the server to be running - [[ -n "$(get_master_env_var_value ROOT_PASSWORD)" ]] && export ROOT_AUTH_ENABLED="yes" - # https://dev.mysql.com/doc/refman/8.0/en/replication-upgrade.html - mysql_upgrade - else - debug "Cleaning data directory to ensure successfully initialization" - rm -rf "${DB_DATA_DIR:?}"/* - info "Installing database" - mysql_install_db - mysql_start_bg - wait_for_mysql_access - # we delete existing users and create new ones with stricter access - # commands can still be executed until we restart or run 'flush privileges' - info "Configuring authentication" - mysql_execute "mysql" <=8 depends on this command - # users are not configured on slave nodes during initialization due to --skip-slave-start - wait_for_mysql - - # Special configuration flag for system with slow disks that could take more time - # in initializing - if [[ -n "${DB_INIT_SLEEP_TIME}" ]]; then - debug "Sleeping ${DB_INIT_SLEEP_TIME} seconds before continuing with initialization" - sleep "${DB_INIT_SLEEP_TIME}" - fi -} - -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for mysql common - -######################## -# Extract mysql version from version string -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# Version string -######################### -mysql_get_version() { - local ver_string - local -a ver_split - - ver_string=$("${DB_BIN_DIR}/mysql" "--version") - read -r -a ver_split <<< "$ver_string" - - if [[ "$ver_string" = *" Distrib "* ]]; then - echo "${ver_split[4]::-1}" - else - echo "${ver_split[2]}" - fi -} - -######################## -# Gets an environment variable name based on the suffix -# Globals: -# DB_FLAVOR -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable name -######################### -get_env_var() { - local -r id="${1:?id is required}" - local -r prefix="${DB_FLAVOR//-/_}" - echo "${prefix^^}_${id}" -} - -######################## -# Gets an environment variable value for the master node and based on the suffix -# Arguments: -# $1 - environment variable suffix -# Returns: -# environment variable value -######################### -get_master_env_var_value() { - local envVar - - PREFIX="" - [[ "${DB_REPLICATION_MODE:-}" = "slave" ]] && PREFIX="MASTER_" - envVar="$(get_env_var "${PREFIX}${1}_FILE")" - if [[ -f "${!envVar:-}" ]]; then - echo "$(< "${!envVar}")" - else - envVar="$(get_env_var "${PREFIX}${1}")" - echo "${!envVar:-}" - fi -} - -######################## -# Execute an arbitrary query/queries against the running MySQL/MariaDB service and print to stdout -# Stdin: -# Query/queries to execute -# Globals: -# BITNAMI_DEBUG -# DB_* -# Arguments: -# $1 - Database where to run the queries -# $2 - User to run queries -# $3 - Password -# $4 - Extra MySQL CLI options -# Returns: -# None -mysql_execute_print_output() { - local -r db="${1:-}" - local -r user="${2:-root}" - local -r pass="${3:-}" - local -a opts extra_opts - read -r -a opts <<< "${@:4}" - read -r -a extra_opts <<< "$(mysql_client_extra_opts)" - - # Process mysql CLI arguments - local -a args=() - if [[ -f "$DB_CONF_FILE" ]]; then - args+=("--defaults-file=${DB_CONF_FILE}") - fi - args+=("-N" "-u" "$user") - [[ -n "$db" ]] && args+=("$db") - [[ -n "$pass" ]] && args+=("-p$pass") - [[ "${#opts[@]}" -gt 0 ]] && args+=("${opts[@]}") - [[ "${#extra_opts[@]}" -gt 0 ]] && args+=("${extra_opts[@]}") - - # Obtain the command specified via stdin - if [[ "${BITNAMI_DEBUG:-false}" = true ]]; then - local mysql_cmd - mysql_cmd="$(> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh deleted file mode 100644 index 5a226f21476f..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb-env.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mariadb - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mariadb}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mariadb_env_vars=( - ALLOW_EMPTY_PASSWORD - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD - MARIADB_USER - MARIADB_PASSWORD - MARIADB_DATABASE - MARIADB_MASTER_HOST - MARIADB_MASTER_PORT_NUMBER - MARIADB_MASTER_ROOT_USER - MARIADB_MASTER_ROOT_PASSWORD - MARIADB_MASTER_DELAY - MARIADB_REPLICATION_USER - MARIADB_REPLICATION_PASSWORD - MARIADB_PORT_NUMBER - MARIADB_REPLICATION_MODE - MARIADB_REPLICATION_SLAVE_DUMP - MARIADB_EXTRA_FLAGS - MARIADB_INIT_SLEEP_TIME - MARIADB_CHARACTER_SET - MARIADB_COLLATE - MARIADB_BIND_ADDRESS - MARIADB_SQL_MODE - MARIADB_SKIP_TEST_DB - MARIADB_CLIENT_ENABLE_SSL - MARIADB_CLIENT_SSL_CA_FILE - MARIADB_CLIENT_SSL_CERT_FILE - MARIADB_CLIENT_SSL_KEY_FILE - MARIADB_CLIENT_EXTRA_FLAGS - MARIADB_STARTUP_WAIT_RETRIES - MARIADB_STARTUP_WAIT_SLEEP_TIME - MARIADB_ENABLE_SLOW_QUERY - MARIADB_LONG_QUERY_TIME - DB_ENABLE_SLOW_QUERY - DB_LONG_QUERY_TIME -) -for env_var in "${mariadb_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mariadb_env_vars -export DB_FLAVOR="mariadb" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mariadb" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mariadb" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/sbin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# Default configuration (build-time) -export MARIADB_DEFAULT_PORT_NUMBER="3306" -export DB_DEFAULT_PORT_NUMBER="$MARIADB_DEFAULT_PORT_NUMBER" # only used at build time -export MARIADB_DEFAULT_CHARACTER_SET="utf8mb4" -export DB_DEFAULT_CHARACTER_SET="$MARIADB_DEFAULT_CHARACTER_SET" # only used at build time -export MARIADB_DEFAULT_BIND_ADDRESS="0.0.0.0" -export DB_DEFAULT_BIND_ADDRESS="$MARIADB_DEFAULT_BIND_ADDRESS" # only used at build time - -# MariaDB authentication. -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MARIADB_AUTHENTICATION_PLUGIN="${MARIADB_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MARIADB_AUTHENTICATION_PLUGIN" -export MARIADB_ROOT_USER="${MARIADB_ROOT_USER:-root}" -export DB_ROOT_USER="$MARIADB_ROOT_USER" # only used during the first initialization -export MARIADB_ROOT_PASSWORD="${MARIADB_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MARIADB_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_USER="${MARIADB_USER:-}" -export DB_USER="$MARIADB_USER" # only used during the first initialization -export MARIADB_PASSWORD="${MARIADB_PASSWORD:-}" -export DB_PASSWORD="$MARIADB_PASSWORD" # only used during the first initialization -export MARIADB_DATABASE="${MARIADB_DATABASE:-}" -export DB_DATABASE="$MARIADB_DATABASE" # only used during the first initialization -export MARIADB_MASTER_HOST="${MARIADB_MASTER_HOST:-}" -export DB_MASTER_HOST="$MARIADB_MASTER_HOST" # only used during the first initialization -export MARIADB_MASTER_PORT_NUMBER="${MARIADB_MASTER_PORT_NUMBER:-3306}" -export DB_MASTER_PORT_NUMBER="$MARIADB_MASTER_PORT_NUMBER" # only used during the first initialization -export MARIADB_MASTER_ROOT_USER="${MARIADB_MASTER_ROOT_USER:-root}" -export DB_MASTER_ROOT_USER="$MARIADB_MASTER_ROOT_USER" # only used during the first initialization -export MARIADB_MASTER_ROOT_PASSWORD="${MARIADB_MASTER_ROOT_PASSWORD:-}" -export DB_MASTER_ROOT_PASSWORD="$MARIADB_MASTER_ROOT_PASSWORD" # only used during the first initialization -export MARIADB_MASTER_DELAY="${MARIADB_MASTER_DELAY:-0}" -export DB_MASTER_DELAY="$MARIADB_MASTER_DELAY" # only used during the first initialization -export MARIADB_REPLICATION_USER="${MARIADB_REPLICATION_USER:-}" -export DB_REPLICATION_USER="$MARIADB_REPLICATION_USER" # only used during the first initialization -export MARIADB_REPLICATION_PASSWORD="${MARIADB_REPLICATION_PASSWORD:-}" -export DB_REPLICATION_PASSWORD="$MARIADB_REPLICATION_PASSWORD" # only used during the first initialization - -# Settings -export MARIADB_PORT_NUMBER="${MARIADB_PORT_NUMBER:-}" -export DB_PORT_NUMBER="$MARIADB_PORT_NUMBER" -export MARIADB_REPLICATION_MODE="${MARIADB_REPLICATION_MODE:-}" -export DB_REPLICATION_MODE="$MARIADB_REPLICATION_MODE" -export MARIADB_REPLICATION_SLAVE_DUMP="${MARIADB_REPLICATION_SLAVE_DUMP:-false}" -export DB_REPLICATION_SLAVE_DUMP="$MARIADB_REPLICATION_SLAVE_DUMP" -export MARIADB_EXTRA_FLAGS="${MARIADB_EXTRA_FLAGS:-}" -export DB_EXTRA_FLAGS="$MARIADB_EXTRA_FLAGS" -export MARIADB_INIT_SLEEP_TIME="${MARIADB_INIT_SLEEP_TIME:-}" -export DB_INIT_SLEEP_TIME="$MARIADB_INIT_SLEEP_TIME" -export MARIADB_CHARACTER_SET="${MARIADB_CHARACTER_SET:-}" -export DB_CHARACTER_SET="$MARIADB_CHARACTER_SET" -# MARIADB_COLLATION is deprecated in favor of MARIADB_COLLATE -MARIADB_COLLATE="${MARIADB_COLLATE:-"${MARIADB_COLLATION:-}"}" -export MARIADB_COLLATE="${MARIADB_COLLATE:-}" -export DB_COLLATE="$MARIADB_COLLATE" -export MARIADB_BIND_ADDRESS="${MARIADB_BIND_ADDRESS:-}" -export DB_BIND_ADDRESS="$MARIADB_BIND_ADDRESS" -export MARIADB_SQL_MODE="${MARIADB_SQL_MODE:-}" -export DB_SQL_MODE="$MARIADB_SQL_MODE" -export MARIADB_SKIP_TEST_DB="${MARIADB_SKIP_TEST_DB:-no}" -export DB_SKIP_TEST_DB="$MARIADB_SKIP_TEST_DB" -export MARIADB_CLIENT_ENABLE_SSL="${MARIADB_CLIENT_ENABLE_SSL:-no}" -export DB_CLIENT_ENABLE_SSL="$MARIADB_CLIENT_ENABLE_SSL" -export MARIADB_CLIENT_SSL_CA_FILE="${MARIADB_CLIENT_SSL_CA_FILE:-}" -export DB_CLIENT_SSL_CA_FILE="$MARIADB_CLIENT_SSL_CA_FILE" -export MARIADB_CLIENT_SSL_CERT_FILE="${MARIADB_CLIENT_SSL_CERT_FILE:-}" -export DB_CLIENT_SSL_CERT_FILE="$MARIADB_CLIENT_SSL_CERT_FILE" -export MARIADB_CLIENT_SSL_KEY_FILE="${MARIADB_CLIENT_SSL_KEY_FILE:-}" -export DB_CLIENT_SSL_KEY_FILE="$MARIADB_CLIENT_SSL_KEY_FILE" -export MARIADB_CLIENT_EXTRA_FLAGS="${MARIADB_CLIENT_EXTRA_FLAGS:-no}" -export DB_CLIENT_EXTRA_FLAGS="$MARIADB_CLIENT_EXTRA_FLAGS" -export MARIADB_STARTUP_WAIT_RETRIES="${MARIADB_STARTUP_WAIT_RETRIES:-300}" -export DB_STARTUP_WAIT_RETRIES="$MARIADB_STARTUP_WAIT_RETRIES" -export MARIADB_STARTUP_WAIT_SLEEP_TIME="${MARIADB_STARTUP_WAIT_SLEEP_TIME:-2}" -export DB_STARTUP_WAIT_SLEEP_TIME="$MARIADB_STARTUP_WAIT_SLEEP_TIME" -MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-"${DB_ENABLE_SLOW_QUERY:-}"}" -export MARIADB_ENABLE_SLOW_QUERY="${MARIADB_ENABLE_SLOW_QUERY:-0}" -export DB_ENABLE_SLOW_QUERY="$MARIADB_ENABLE_SLOW_QUERY" -MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-"${DB_LONG_QUERY_TIME:-}"}" -export MARIADB_LONG_QUERY_TIME="${MARIADB_LONG_QUERY_TIME:-10.0}" -export DB_LONG_QUERY_TIME="$MARIADB_LONG_QUERY_TIME" - -# Custom environment variables may be defined below diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh deleted file mode 100755 index 2778b418f2fd..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/entrypoint.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/mariadb/conf) -debug "Copying files from $DB_DEFAULT_CONF_DIR to $DB_CONF_DIR" -cp -nr "$DB_DEFAULT_CONF_DIR"/. "$DB_CONF_DIR" - -if [[ "$1" = "/opt/bitnami/scripts/mariadb/run.sh" ]]; then - info "** Starting MariaDB setup **" - /opt/bitnami/scripts/mariadb/setup.sh - info "** MariaDB setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh deleted file mode 100755 index a42fac08c834..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/healthcheck.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmariadb.sh - -# Load MySQL environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -mysql_healthcheck diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh deleted file mode 100755 index 98108424f464..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/postunpack.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Configure MariaDB options based on build-time defaults -info "Configuring default MariaDB options" -ensure_dir_exists "$DB_CONF_DIR" -mysql_create_default_config - -for dir in "$DB_TMP_DIR" "$DB_LOGS_DIR" "$DB_CONF_DIR" "$DB_DEFAULT_CONF_DIR" "${DB_CONF_DIR}/bitnami" "$DB_VOLUME_DIR" "$DB_DATA_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Fix to avoid issues detecting plugins in mysql_install_db -ln -sf "$DB_BASE_DIR/plugin" "$DB_BASE_DIR/lib/plugin" - -# Redirect all logging to stdout -ln -sf "/proc/1/fd/1" "$DB_LOGS_DIR/mysqld.log" - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${DB_CONF_DIR}/"* "$DB_DEFAULT_CONF_DIR" diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh deleted file mode 100755 index 6be2d7dadf5a..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/run.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# mysqld_safe does not allow logging to stdout/stderr, so we stick with mysqld -EXEC="${DB_SBIN_DIR}/mysqld" - -flags=("--defaults-file=${DB_CONF_DIR}/my.cnf" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}" "--socket=${DB_SOCKET_FILE}") -[[ -z "${DB_PID_FILE:-}" ]] || flags+=("--pid-file=${DB_PID_FILE}") - -# Add flags specified via the 'DB_EXTRA_FLAGS' environment variable -read -r -a db_extra_flags <<< "$(mysql_extra_flags)" -[[ "${#db_extra_flags[@]}" -gt 0 ]] && flags+=("${db_extra_flags[@]}") - -# Add flags passed to this script -flags+=("$@") - -# Fix for MDEV-16183 - mysqld_safe already does this, but we are using mysqld -LD_PRELOAD="$(find_jemalloc_lib)${LD_PRELOAD:+ "$LD_PRELOAD"}" -export LD_PRELOAD - -info "** Starting MariaDB **" -if am_i_root; then - exec_as_user "$DB_DAEMON_USER" "$EXEC" "${flags[@]}" -else - exec "$EXEC" "${flags[@]}" -fi diff --git a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh b/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh deleted file mode 100755 index dc9c12a2bd05..000000000000 --- a/bitnami/mariadb/11.2/debian-11/rootfs/opt/bitnami/scripts/mariadb/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmariadb.sh - -# Load MariaDB environment variables -. /opt/bitnami/scripts/mariadb-env.sh - -# Ensure mysql unix socket file does not exist -rm -rf "${DB_SOCKET_FILE}.lock" -# Ensure MariaDB environment variables settings are valid -mysql_validate -# Ensure MariaDB is stopped when this script ends. -trap "mysql_stop" EXIT -if am_i_root; then - # Ensure 'daemon' user exists when running as 'root' - ensure_user_exists "$DB_DAEMON_USER" --group "$DB_DAEMON_GROUP" - # Fix logging issue when running as root - chmod o+w "$(readlink /dev/stdout)" -fi -# Ensure MariaDB is initialized -mysql_initialize -# Allow running custom initialization scripts -mysql_custom_scripts 'init' -# Allow running custom start scripts -mysql_custom_scripts 'start' -# Stop MariaDB before flagging it as fully initialized. -# Relying only on the trap defined above could produce a race condition. -mysql_stop diff --git a/bitnami/mariadb/11.2/debian-11/tags-info.yaml b/bitnami/mariadb/11.2/debian-11/tags-info.yaml deleted file mode 100644 index f2eddb7719e1..000000000000 --- a/bitnami/mariadb/11.2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "11.2" -- 11.2-debian-11 -- 11.2.3 -- latest diff --git a/bitnami/mastodon/4/debian-11/Dockerfile b/bitnami/mastodon/4/debian-11/Dockerfile deleted file mode 100644 index 082c5d2302a0..000000000000 --- a/bitnami/mastodon/4/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T15:00:23Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="4.2.7-debian-11-r0" \ - org.opencontainers.image.title="mastodon" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="4.2.7" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl ffmpeg file imagemagick libbrotli1 libbsd0 libbz2-1.0 libcom-err2 libcrypt1 libcurl4 libedit2 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn11 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblz4-1 liblzma5 libmd0 libncursesw6 libnettle8 libnghttp2-14 libnsl2 libp11-kit0 libpcre2-8-0 libpq5 libpsl5 libreadline-dev libreadline8 librtmp1 libsasl2-2 libsqlite3-0 libssh2-1 libssl-dev libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 libuuid1 libxml2 libxslt1.1 libyaml-0-2 libyaml-dev procps sqlite3 zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.11.8-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "ruby-3.2.3-1-linux-${OS_ARCH}-debian-11" \ - "redis-client-7.0.15-1-linux-${OS_ARCH}-debian-11" \ - "postgresql-client-16.2.0-0-linux-${OS_ARCH}-debian-11" \ - "node-20.11.1-0-linux-${OS_ARCH}-debian-11" \ - "mastodon-4.2.7-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/mastodon/postunpack.sh -ENV APP_VERSION="4.2.7" \ - BITNAMI_APP_NAME="mastodon" \ - PATH="/opt/bitnami/python/bin:/opt/bitnami/common/bin:/opt/bitnami/ruby/bin:/opt/bitnami/redis/bin:/opt/bitnami/postgresql/bin:/opt/bitnami/node/bin:/opt/bitnami/mastodon/bin:$PATH" - -EXPOSE 3000 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mastodon/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mastodon/run.sh" ] diff --git a/bitnami/mastodon/4/debian-11/docker-compose.yml b/bitnami/mastodon/4/debian-11/docker-compose.yml deleted file mode 100644 index 391a0e83db0c..000000000000 --- a/bitnami/mastodon/4/debian-11/docker-compose.yml +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - postgresql: - image: docker.io/bitnami/postgresql:16 - volumes: - - 'postgresql_data:/bitnami/postgresql' - environment: - - POSTGRESQL_DATABASE=bitnami_mastodon - - POSTGRESQL_USERNAME=bn_mastodon - - POSTGRESQL_PASSWORD=bitnami1 - redis: - image: docker.io/bitnami/redis:7.0 - volumes: - - 'redis_data:/bitnami/redis' - environment: - - ALLOW_EMPTY_PASSWORD=yes - elasticsearch: - image: docker.io/bitnami/elasticsearch:8 - volumes: - - 'elasticsearch_data:/bitnami/elasticsearch/data' - environment: - - ELASTICSEARCH_ENABLE_SECURITY=true - - ELASTICSEARCH_SKIP_TRANSPORT_TLS=true - - ELASTICSEARCH_ENABLE_REST_TLS=false - - ELASTICSEARCH_PASSWORD=bitnami123 - mastodon: - image: docker.io/bitnami/mastodon:4 - ports: - - 80:3000 - volumes: - - 'mastodon_data:/bitnami/mastodon' - environment: - - ALLOW_EMPTY_PASSWORD=yes - - MASTODON_MODE=web - - MASTODON_DATABASE_PASSWORD=bitnami1 - - MASTODON_ELASTICSEARCH_PASSWORD=bitnami123 - mastodon-streaming: - image: docker.io/bitnami/mastodon:4 - ports: - - 4000:4000 - environment: - - ALLOW_EMPTY_PASSWORD=yes - - MASTODON_MODE=streaming - - MASTODON_DATABASE_PASSWORD=bitnami1 - - MASTODON_ELASTICSEARCH_PASSWORD=bitnami123 - mastodon-sidekiq: - image: docker.io/bitnami/mastodon:4 - volumes: - - 'mastodon_data:/bitnami/mastodon' - environment: - - ALLOW_EMPTY_PASSWORD=yes - - MASTODON_MODE=sidekiq - - MASTODON_DATABASE_PASSWORD=bitnami1 - - MASTODON_ELASTICSEARCH_PASSWORD=bitnami123 -volumes: - postgresql_data: - driver: local - minio_data: - driver: local - redis_data: - driver: local - elasticsearch_data: - driver: local - mastodon_data: - driver: local diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 0d5afa205397..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "mastodon": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.2.7-0" - }, - "node": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "20.11.1-0" - }, - "postgresql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "16.2.0-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.11.8-0" - }, - "redis-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "7.0.15-1" - }, - "ruby": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.2.3-1" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mastodon/4/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/libmastodon.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/libmastodon.sh deleted file mode 100644 index 79fe6cfd9e86..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/libmastodon.sh +++ /dev/null @@ -1,649 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Mastodon library - -# shellcheck disable=SC1090 -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in MASTODON_* env vars -# Globals: -# MASTODON_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -mastodon_validate() { - debug "Validating settings in MASTODON_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_empty_value() { - if is_empty_value "${!1}"; then - print_validation_error "${1} must be set" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - check_resolved_hostname() { - if ! is_hostname_resolved "$1"; then - warn "Hostname ${1} could not be resolved, this could lead to connection issues" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - check_true_false() { - if ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: true or false" - fi - } - - check_integer() { - if ! is_int "${!1}"; then - print_validation_error "The value for ${1} is not a valid integer" - fi - } - - check_password_length() { - local password_var="${1:?missing password_var}" - local length="${2:?missing length}" - local password="${!1}" - if [[ "${#password}" -lt "$length" ]]; then - print_validation_error "${password_var} must be at least ${length} characters" - fi - } - - check_true_false "MASTODON_ELASTICSEARCH_ENABLED" - if is_boolean_yes "$MASTODON_ELASTICSEARCH_ENABLED"; then - check_true_false "MASTODON_MIGRATE_ELASTICSEARCH" - check_resolved_hostname "MASTODON_ELASTICSEARCH_HOST" - check_valid_port "MASTODON_ELASTICSEARCH_PORT_NUMBER" - fi - - # Validate credentials - if is_boolean_yes "${ALLOW_EMPTY_PASSWORD:-}"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD:-}. For safety reasons, do not use this flag in a production environment." - else - if [[ "$MASTODON_MODE" == "web" ]]; then - is_empty_value "${MASTODON_DATABASE_PASSWORD:-}" && print_validation_error "The MASTODON_DATABASE_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - is_empty_value "${MASTODON_REDIS_PASSWORD:-}" && print_validation_error "The MASTODON_REDIS_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - is_boolean_yes "$MASTODON_ELASTICSEARCH_ENABLED" && is_empty_value "${MASTODON_ELASTICSEARCH_PASSWORD:-}" && print_validation_error "The MASTODON_ELASTICSEARCH_PASSWORD environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - fi - fi - - # Mastodon mode - check_multi_value "MASTODON_MODE" "web sidekiq streaming" - - check_true_false "MASTODON_CREATE_ADMIN" - if is_boolean_yes "$MASTODON_CREATE_ADMIN"; then - check_empty_value "MASTODON_ADMIN_EMAIL" - check_empty_value "MASTODON_ADMIN_PASSWORD" - check_empty_value "MASTODON_ADMIN_USERNAME" - fi - - check_true_false "MASTODON_S3_ENABLED" - - if is_boolean_yes "$MASTODON_S3_ENABLED"; then - check_empty_value "MASTODON_S3_HOSTNAME" - check_resolved_hostname "$MASTODON_S3_HOSTNAME" - check_valid_port "MASTODON_S3_PORT_NUMBER" - check_empty_value "MASTODON_S3_ALIAS_HOST" - check_empty_value "MASTODON_S3_ENDPOINT" - check_empty_value "MASTODON_AWS_ACCESS_KEY_ID" - check_empty_value "MASTODON_AWS_SECRET_ACCESS_KEY" - check_multi_value "MASTODON_S3_PROTOCOL" "http https" - fi - - if [[ $MASTODON_MODE != "web" ]]; then - is_empty_value "${MASTODON_WEB_HOST}" && print_validation_error "For Sidekiq and Streaming modes, the MASTODON_WEB_HOST variable must be set" - check_resolved_hostname "MASTODON_WEB_HOST" - fi - - check_valid_port "MASTODON_WEB_PORT_NUMBER" - check_valid_port "MASTODON_STREAMING_PORT_NUMBER" - - check_empty_value "MASTODON_SECRET_KEY_BASE" - check_empty_value "MASTODON_OTP_SECRET" - - check_true_false "MASTODON_MIGRATE_DATABASE" - check_resolved_hostname "MASTODON_DATABASE_HOST" - check_valid_port "MASTODON_DATABASE_PORT_NUMBER" - check_integer "MASTODON_DATABASE_POOL" - - check_resolved_hostname "MASTODON_REDIS_HOST" - check_valid_port "MASTODON_REDIS_PORT_NUMBER" - - check_true_false "MASTODON_ALLOW_ALL_DOMAINS" - check_password_length "MASTODON_ADMIN_PASSWORD" "8" - return "$error_code" -} - -######################## -# Executes Bundler with the proper environment and the specified arguments and print result to stdout -# Globals: -# MASTODON_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -mastodon_bundle_execute_print_output() { - # Avoid creating unnecessary cache files at initialization time - local -a cmd=("bundle" "exec" "$@") - # Run as application user to avoid having to change permissions/ownership afterwards - am_i_root && cmd=("run_as_user" "$MASTODON_DAEMON_USER" "${cmd[@]}") - ( - cd "$MASTODON_BASE_DIR" || false - "${cmd[@]}" - ) -} - -######################## -# Executes Bundler with the proper environment and the specified arguments -# Globals: -# MASTODON_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -mastodon_bundle_execute() { - debug_execute mastodon_bundle_execute_print_output "$@" -} - -######################## -# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments and print result to stdout -# Globals: -# MASTODON_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -mastodon_rake_execute_print_output() { - mastodon_bundle_execute_print_output "rake" "$@" -} - -######################## -# Executes the 'rake' CLI with the proper Bundler environment and the specified arguments -# Globals: -# MASTODON_* -# Arguments: -# $1..$n - Arguments to pass to the CLI call -# Returns: -# None -######################### -mastodon_rake_execute() { - debug_execute mastodon_rake_execute_print_output "$@" -} - -######################## -# Executes the commands specified via stdin in the Rails console for Discourse -# Globals: -# MASTODON_* -# Arguments: -# None -# Returns: -# None -######################### -mastodon_console_execute() { - local rails_cmd - rails_cmd="$(&1) - debug "$res" - echo "$res" | grep -q '1 row' - } - if ! retry_while "debug_execute check_postgresql_connection" "$MASTODON_STARTUP_ATTEMPTS"; then - error "Could not connect to the PostgreSQL database" - return 1 - fi - info "PostgreSQL instance is ready" -} - -######################## -# Wait for Elasticsearch to be ready -# Globals: -# * MASTODON_* -# Arguments: -# None -# Returns: None -######################### -mastodon_wait_for_elasticsearch_connection() { - local -r connection_string="${1:?missing connection string}" - info "Waiting for Elasticsearch to be ready at $connection_string" - check_elasticsearch_connection() { - local curl_args=("-k" "$connection_string" "--max-time" "5") - if ! is_empty_value "${MASTODON_ELASTICSEARCH_PASSWORD:-}"; then - curl_args+=("-u" "$MASTODON_ELASTICSEARCH_USER:$MASTODON_ELASTICSEARCH_PASSWORD") - fi - local -r res=$(curl "${curl_args[@]}" 2>&1) - debug "$res" - echo "$res" | grep -q 'You Know' - } - if ! retry_while "debug_execute check_elasticsearch_connection" "$MASTODON_STARTUP_ATTEMPTS"; then - error "Could not connect to Elasticsearch" - return 1 - fi - info "Elasticsearch instance is ready" -} - -######################## -# Wait for S3 connection -# Globals: -# * MASTODON_* -# Arguments: None -# Returns: None -######################### -mastodon_wait_for_s3_connection() { - local -r host="${1:?missing host}" - local -r port="${2:?missing port}" - info "Waiting for S3 to be ready at ${MASTODON_S3_PROTOCOL}://${host}:${port}" - if ! retry_while "debug_execute wait-for-port --host ${host} ${port}" "$MASTODON_STARTUP_ATTEMPTS"; then - error "Could not connect to S3" - return 1 - fi - info "S3 instance is ready" -} - -######################## -# Wait for Redis connection -# Globals: -# * MASTODON_* -# Arguments: -# 1: Connection string -# Returns: None -######################### -mastodon_wait_for_redis_connection() { - local -r connection_string="${1:?missing connection string}" - info "Waiting for Redis to be ready at ${connection_string##*@}" - check_redis_connection() { - local -r redis_args=("-u" "$connection_string" "PING") - local -r res=$(redis-cli "${redis_args[@]}" 2>&1) - debug "$res" - echo "$res" | grep -q 'PONG' - } - if ! retry_while "debug_execute check_redis_connection" "$MASTODON_STARTUP_ATTEMPTS"; then - error "Could not connect to Redis" - return 1 - fi - info "Redis instance is ready" -} - -######################## -# Wait for Mastodon Web to be available -# Globals: -# * MASTODON_* -# Arguments: -# None -# Returns: None -######################### -mastodon_wait_for_web_connection() { - local -r connection_string="${1:?missing connection string}" - info "Checking for web server at $connection_string" - check_web_connection() { - # We use the /health endpoint to check if the web server is ready - # https://github.com/mastodon/mastodon/blob/main/config/initializers/1_hosts.rb#L34 - local -r curl_args=("${connection_string}/health" "--max-time" "5") - local -r res=$(curl "${curl_args[@]}" 2>&1) - debug "$res" - echo "$res" | grep -q 'OK' - } - if ! retry_while "debug_execute check_web_connection" "$MASTODON_STARTUP_ATTEMPTS"; then - error "Could not connect to the Web server" - return 1 - fi - info "Web server is ready" -} - -######################## -# Initialize Mastodon -# Arguments: -# None -# Returns: -# None -######################### -mastodon_initialize() { - # Logic inspired on the official helm chart - # Source: https://github.com/mastodon/mastodon/tree/main/chart/templates - # The logic in this function will be used for docker-compose deployments. In the helm - # chart we will use separate jobs that call the migration and precompilation commands. - # This will allow better scalability and avoid race condition issues. - # There is no configuration file in Mastodon, as everything is done via environment variables - # https://github.com/mastodon/mastodon/blob/main/chart/templates/configmap-env.yaml - info "Initializing Mastodon" - local -r app_name="mastodon" - - # All the initialization logic will be performed by the web node, the other nodes - # will just wait for web to be available - if [[ "$MASTODON_MODE" == "web" ]]; then - # If we are using S3, we do not need to enable persistence. Otherwise we need - # to persist the system and public folders - # https://github.com/mastodon/mastodon/blob/main/chart/templates/deployment-web.yaml#L89 - if is_boolean_yes "$MASTODON_S3_ENABLED"; then - info "Waiting for S3 connection" - mastodon_wait_for_s3_connection "$MASTODON_S3_HOSTNAME" "$MASTODON_S3_PORT_NUMBER" - fi - - local -r psql_connection_string="postgresql://${MASTODON_DATABASE_USERNAME}:${MASTODON_DATABASE_PASSWORD}@${MASTODON_DATABASE_HOST}:${MASTODON_DATABASE_PORT_NUMBER}/${MASTODON_DATABASE_NAME}" - mastodon_wait_for_postgresql_connection "$psql_connection_string" - if is_boolean_yes "$MASTODON_MIGRATE_DATABASE"; then - info "Migrating database" - mastodon_rake_execute db:migrate - fi - - local redis_connection_string="redis://" - if [[ -n "${MASTODON_REDIS_PASSWORD:-}" ]]; then - redis_connection_string+="${MASTODON_REDIS_PASSWORD}@" - fi - redis_connection_string+="${MASTODON_REDIS_HOST}:${MASTODON_REDIS_PORT_NUMBER}" - mastodon_wait_for_redis_connection "$redis_connection_string" - - # Elasticsearch is an optional component in Mastodon. It is necessary for enabling - # text searches - if is_boolean_yes "$MASTODON_ELASTICSEARCH_ENABLED"; then - local -r elasticsearch_connection_string="http://${MASTODON_ELASTICSEARCH_HOST}:${MASTODON_ELASTICSEARCH_PORT_NUMBER}" - mastodon_wait_for_elasticsearch_connection "$elasticsearch_connection_string" - if is_boolean_yes "$MASTODON_MIGRATE_ELASTICSEARCH"; then - info "Migrating Elasticsearch" - mastodon_rake_execute chewy:upgrade - fi - fi - - if is_boolean_yes "$MASTODON_CREATE_ADMIN"; then - mastodon_ensure_admin_user_exists - fi - - if ! is_boolean_yes "$MASTODON_S3_ENABLED"; then - if ! is_app_initialized "$app_name"; then - info "Persisting Mastodon application" - persist_app "$app_name" "$MASTODON_DATA_TO_PERSIST" - else - info "Mastodon application already initialized, restoring..." - restore_persisted_app "$app_name" "$MASTODON_DATA_TO_PERSIST" - fi - fi - - if is_boolean_yes "$MASTODON_ASSETS_PRECOMPILE"; then - info "Precompiling assets" - mastodon_rake_execute "assets:precompile" - fi - - else - - # When the mode is sidekiq or streaming, we want to wait for the web node to be available - info "Waiting for Mastodon web to be available" - mastodon_wait_for_web_connection "http://${MASTODON_WEB_HOST}:${MASTODON_WEB_PORT_NUMBER}" - if ! is_boolean_yes "$MASTODON_S3_ENABLED" && [[ "$MASTODON_MODE" == "sidekiq" ]]; then - # If the web node is available, we can assume that the shared volume has been initialized so - # we can safely restore it (we don't need it for the streaming service) - # https://github.com/mastodon/mastodon/blob/main/chart/templates/deployment-streaming.yaml#L77 - info "Mastodon application already initialized, restoring..." - restore_persisted_app "$app_name" "$MASTODON_DATA_TO_PERSIST" - fi - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add or modify an entry in the Mastodon configuration file (.env.production) -# Globals: -# MASTODON_BASE_DIR -# MASTODON_CFG_* -# Arguments: -# $1 - Environment variable name -# $2 - Value to assign to the environment variable -# Returns: -# None -######################### -mastodon_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:-}" - local -r conf_file="${MASTODON_BASE_DIR}/.env.production" - debug "Setting ${key} to '${value}' in Mastodon .env.production configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(#\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=.*" - local entry="${key}=${value}" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$conf_file"; then - # It exists, so replace the line - replace_in_file "$conf_file" "$sanitized_pattern" "$entry" - else - cat >> "$conf_file" <<< "$entry" - fi -} - -######################## -# Obtain Mastodon runtime configuration and environment variables -# Arguments: -# None -# Returns: -# Mastodon runtime configuration and environment variables -######################### -mastodon_runtime_env() { - # Convert the .env.production file so it can be loaded with eval - sed -E 's/^\s*([^# ])/export \1/' "${MASTODON_BASE_DIR}/.env.production" -} - -######################## -# Check if mastodon-web is running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_web_running() { - # mastodon-web does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "puma" | head -n 1 > "$MASTODON_WEB_PID_FILE" - - pid="$(get_pid_from_file "$MASTODON_WEB_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if mastodon-web is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_web_not_running() { - ! mastodon_is_web_running -} - -######################## -# Stop mastodon-web -# Arguments: -# None -# Returns: -# None -######################### -mastodon_web_stop() { - ! mastodon_is_web_running && return - stop_service_using_pid "$MASTODON_WEB_PID_FILE" -} - -######################## -# Check if mastodon-streaming is running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_streaming_running() { - # mastodon-streaming does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "^node \./streaming$" | head -n 1 > "$MASTODON_STREAMING_PID_FILE" - - pid="$(get_pid_from_file "$MASTODON_STREAMING_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if mastodon-streaming is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_streaming_not_running() { - ! mastodon_is_streaming_running -} - -######################## -# Stop mastodon-streaming -# Arguments: -# None -# Returns: -# None -######################### -mastodon_streaming_stop() { - ! mastodon_is_streaming_running && return - stop_service_using_pid "$MASTODON_STREAMING_PID_FILE" -} - -######################## -# Check if mastodon-sidekiq is running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_sidekiq_running() { - # mastodon-sidekiq does not create any PID file - # We regenerate the PID file for each time we query it to avoid getting outdated - pgrep -f "(bin/sidekiq$|^sidekiq )" | head -n 1 > "$MASTODON_SIDEKIQ_PID_FILE" - - pid="$(get_pid_from_file "$MASTODON_SIDEKIQ_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if mastodon-sidekiq is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -mastodon_is_sidekiq_not_running() { - ! mastodon_is_sidekiq_running -} - -######################## -# Stop mastodon-sidekiq -# Arguments: -# None -# Returns: -# None -######################### -mastodon_sidekiq_stop() { - ! mastodon_is_sidekiq_running && return - stop_service_using_pid "$MASTODON_SIDEKIQ_PID_FILE" -} diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon-env.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon-env.sh deleted file mode 100644 index bf72acd06cb5..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon-env.sh +++ /dev/null @@ -1,267 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mastodon - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mastodon}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mastodon_env_vars=( - MASTODON_MODE - ALLOW_EMPTY_PASSWORD - MASTODON_CREATE_ADMIN - MASTODON_ADMIN_USERNAME - MASTODON_ADMIN_PASSWORD - MASTODON_ADMIN_EMAIL - MASTODON_ALLOW_ALL_DOMAINS - MASTODON_SECRET_KEY_BASE - MASTODON_OTP_SECRET - MASTODON_HTTPS_ENABLED - MASTODON_ASSETS_PRECOMPILE - MASTODON_WEB_DOMAIN - MASTODON_WEB_HOST - MASTODON_WEB_PORT_NUMBER - MASTODON_STREAMING_PORT_NUMBER - MASTODON_STREAMING_API_BASE_URL - RAILS_SERVE_STATIC_FILES - MASTODON_BIND_ADDRESS - MASTODON_DATA_TO_PERSIST - MASTODON_MIGRATE_DATABASE - MASTODON_DATABASE_HOST - MASTODON_DATABASE_PORT_NUMBER - MASTODON_DATABASE_NAME - MASTODON_DATABASE_USERNAME - MASTODON_DATABASE_PASSWORD - MASTODON_DATABASE_POOL - MASTODON_REDIS_HOST - MASTODON_REDIS_PORT_NUMBER - MASTODON_REDIS_PASSWORD - MASTODON_ELASTICSEARCH_ENABLED - MASTODON_MIGRATE_ELASTICSEARCH - MASTODON_ELASTICSEARCH_HOST - MASTODON_ELASTICSEARCH_PORT_NUMBER - MASTODON_ELASTICSEARCH_USER - MASTODON_ELASTICSEARCH_PASSWORD - MASTODON_S3_ENABLED - MASTODON_S3_BUCKET - MASTODON_S3_HOSTNAME - MASTODON_S3_PROTOCOL - MASTODON_S3_PORT_NUMBER - MASTODON_S3_ALIAS_HOST - MASTODON_AWS_SECRET_ACCESS_KEY - MASTODON_AWS_ACCESS_KEY_ID - MASTODON_S3_REGION - MASTODON_S3_ENDPOINT - MASTODON_STARTUP_ATTEMPTS - SECRET_KEY_BASE - OTP_SECRET - WEB_DOMAIN - STREAMING_API_BASE_URL - BIND - DB_HOST - DB_PORT - DB_NAME - DB_USER - DB_PASS - DB_POOL - REDIS_HOST - REDIS_PORT - REDIS_PASSWORD - ES_ENABLED - ES_HOST - ES_PORT - ES_USER - ES_PASS - S3_ENABLED - S3_BUCKET - S3_HOSTNAME - S3_PROTOCOL - S3_ALIAS_HOST - AWS_SECRET_ACCESS_KEY - AWS_ACCESS_KEY_ID - S3_ENDPOINT -) -for env_var in "${mastodon_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mastodon_env_vars - -# Paths -export MASTODON_BASE_DIR="${BITNAMI_ROOT_DIR}/mastodon" -export MASTODON_VOLUME_DIR="/bitnami/mastodon" -export MASTODON_ASSETS_DIR="${MASTODON_BASE_DIR}/public/assets" -export MASTODON_SYSTEM_DIR="${MASTODON_BASE_DIR}/public/system" -export MASTODON_TMP_DIR="${MASTODON_BASE_DIR}/tmp" -export MASTODON_LOGS_DIR="${MASTODON_BASE_DIR}/log" - -# Mastodon configuration parameters -export MASTODON_MODE="${MASTODON_MODE:-web}" -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -export MASTODON_CREATE_ADMIN="${MASTODON_CREATE_ADMIN:-true}" -export MASTODON_ADMIN_USERNAME="${MASTODON_ADMIN_USERNAME:-user}" -export MASTODON_ADMIN_PASSWORD="${MASTODON_ADMIN_PASSWORD:-bitnami1}" -export MASTODON_ADMIN_EMAIL="${MASTODON_ADMIN_EMAIL:-user@bitnami.org}" -export MASTODON_ALLOW_ALL_DOMAINS="${MASTODON_ALLOW_ALL_DOMAINS:-true}" -MASTODON_SECRET_KEY_BASE="${MASTODON_SECRET_KEY_BASE:-"${SECRET_KEY_BASE:-}"}" -export MASTODON_SECRET_KEY_BASE="${MASTODON_SECRET_KEY_BASE:-bitnami123}" -export SECRET_KEY_BASE="$MASTODON_SECRET_KEY_BASE" -export MASTODON_CFG_SECRET_KEY_BASE="$MASTODON_SECRET_KEY_BASE" -MASTODON_OTP_SECRET="${MASTODON_OTP_SECRET:-"${OTP_SECRET:-}"}" -export MASTODON_OTP_SECRET="${MASTODON_OTP_SECRET:-bitnami123}" -export OTP_SECRET="$MASTODON_OTP_SECRET" -export MASTODON_CFG_OTP_SECRET="$MASTODON_OTP_SECRET" -export MASTODON_HTTPS_ENABLED="${MASTODON_HTTPS_ENABLED:-false}" -export MASTODON_ASSETS_PRECOMPILE="${MASTODON_ASSETS_PRECOMPILE:-true}" -MASTODON_WEB_DOMAIN="${MASTODON_WEB_DOMAIN:-"${WEB_DOMAIN:-}"}" -export MASTODON_WEB_DOMAIN="${MASTODON_WEB_DOMAIN:-127.0.0.1}" -export WEB_DOMAIN="$MASTODON_WEB_DOMAIN" -export MASTODON_CFG_WEB_DOMAIN="$MASTODON_WEB_DOMAIN" -export MASTODON_WEB_HOST="${MASTODON_WEB_HOST:-mastodon}" -export MASTODON_WEB_PORT_NUMBER="${MASTODON_WEB_PORT_NUMBER:-3000}" -export MASTODON_STREAMING_PORT_NUMBER="${MASTODON_STREAMING_PORT_NUMBER:-4000}" -MASTODON_STREAMING_API_BASE_URL="${MASTODON_STREAMING_API_BASE_URL:-"${STREAMING_API_BASE_URL:-}"}" -export MASTODON_STREAMING_API_BASE_URL="${MASTODON_STREAMING_API_BASE_URL:-ws://localhost:${MASTODON_STREAMING_PORT_NUMBER}}" -export STREAMING_API_BASE_URL="$MASTODON_STREAMING_API_BASE_URL" -export MASTODON_CFG_STREAMING_API_BASE_URL="$MASTODON_STREAMING_API_BASE_URL" -export RAILS_SERVE_STATIC_FILES="${RAILS_SERVE_STATIC_FILES:-true}" -MASTODON_BIND_ADDRESS="${MASTODON_BIND_ADDRESS:-"${BIND:-}"}" -export MASTODON_BIND_ADDRESS="${MASTODON_BIND_ADDRESS:-0.0.0.0}" -export BIND="$MASTODON_BIND_ADDRESS" -export MASTODON_CFG_BIND="$MASTODON_BIND_ADDRESS" -export MASTODON_DATA_TO_PERSIST="${MASTODON_DATA_TO_PERSIST:-$MASTODON_ASSETS_DIR $MASTODON_SYSTEM_DIR}" - -# Database configuration -export MASTODON_MIGRATE_DATABASE="${MASTODON_MIGRATE_DATABASE:-true}" -MASTODON_DATABASE_HOST="${MASTODON_DATABASE_HOST:-"${DB_HOST:-}"}" -export MASTODON_DATABASE_HOST="${MASTODON_DATABASE_HOST:-postgresql}" -export DB_HOST="$MASTODON_DATABASE_HOST" -export MASTODON_CFG_DB_HOST="$MASTODON_DATABASE_HOST" -MASTODON_DATABASE_PORT_NUMBER="${MASTODON_DATABASE_PORT_NUMBER:-"${DB_PORT:-}"}" -export MASTODON_DATABASE_PORT_NUMBER="${MASTODON_DATABASE_PORT_NUMBER:-5432}" -export DB_PORT="$MASTODON_DATABASE_PORT_NUMBER" -export MASTODON_CFG_DB_PORT="$MASTODON_DATABASE_PORT_NUMBER" -MASTODON_DATABASE_NAME="${MASTODON_DATABASE_NAME:-"${DB_NAME:-}"}" -export MASTODON_DATABASE_NAME="${MASTODON_DATABASE_NAME:-bitnami_mastodon}" -export DB_NAME="$MASTODON_DATABASE_NAME" -export MASTODON_CFG_DB_NAME="$MASTODON_DATABASE_NAME" -MASTODON_DATABASE_USERNAME="${MASTODON_DATABASE_USERNAME:-"${DB_USER:-}"}" -export MASTODON_DATABASE_USERNAME="${MASTODON_DATABASE_USERNAME:-bn_mastodon}" -export DB_USER="$MASTODON_DATABASE_USERNAME" -export MASTODON_CFG_DB_USER="$MASTODON_DATABASE_USERNAME" -MASTODON_DATABASE_PASSWORD="${MASTODON_DATABASE_PASSWORD:-"${DB_PASS:-}"}" -export MASTODON_DATABASE_PASSWORD="${MASTODON_DATABASE_PASSWORD:-}" -export DB_PASS="$MASTODON_DATABASE_PASSWORD" -export MASTODON_CFG_DB_PASS="$MASTODON_DATABASE_PASSWORD" -MASTODON_DATABASE_POOL="${MASTODON_DATABASE_POOL:-"${DB_POOL:-}"}" -export MASTODON_DATABASE_POOL="${MASTODON_DATABASE_POOL:-5}" -export DB_POOL="$MASTODON_DATABASE_POOL" -export MASTODON_CFG_DB_POOL="$MASTODON_DATABASE_POOL" - -# Redis configuration -MASTODON_REDIS_HOST="${MASTODON_REDIS_HOST:-"${REDIS_HOST:-}"}" -export MASTODON_REDIS_HOST="${MASTODON_REDIS_HOST:-redis}" -export REDIS_HOST="$MASTODON_REDIS_HOST" -export MASTODON_CFG_REDIS_HOST="$MASTODON_REDIS_HOST" # only used during the first initialization -MASTODON_REDIS_PORT_NUMBER="${MASTODON_REDIS_PORT_NUMBER:-"${REDIS_PORT:-}"}" -export MASTODON_REDIS_PORT_NUMBER="${MASTODON_REDIS_PORT_NUMBER:-6379}" -export REDIS_PORT="$MASTODON_REDIS_PORT_NUMBER" -export MASTODON_CFG_REDIS_PORT="$MASTODON_REDIS_PORT_NUMBER" # only used during the first initialization -MASTODON_REDIS_PASSWORD="${MASTODON_REDIS_PASSWORD:-"${REDIS_PASSWORD:-}"}" -export MASTODON_REDIS_PASSWORD="${MASTODON_REDIS_PASSWORD:-}" -export REDIS_PASSWORD="$MASTODON_REDIS_PASSWORD" -export MASTODON_CFG_REDIS_PASSWORD="$MASTODON_REDIS_PASSWORD" # only used during the first initialization - -# Elasticsearch configuration -MASTODON_ELASTICSEARCH_ENABLED="${MASTODON_ELASTICSEARCH_ENABLED:-"${ES_ENABLED:-}"}" -export MASTODON_ELASTICSEARCH_ENABLED="${MASTODON_ELASTICSEARCH_ENABLED:-true}" -export ES_ENABLED="$MASTODON_ELASTICSEARCH_ENABLED" -export MASTODON_CFG_ES_ENABLED="$MASTODON_ELASTICSEARCH_ENABLED" -export MASTODON_MIGRATE_ELASTICSEARCH="${MASTODON_MIGRATE_ELASTICSEARCH:-true}" -MASTODON_ELASTICSEARCH_HOST="${MASTODON_ELASTICSEARCH_HOST:-"${ES_HOST:-}"}" -export MASTODON_ELASTICSEARCH_HOST="${MASTODON_ELASTICSEARCH_HOST:-elasticsearch}" -export ES_HOST="$MASTODON_ELASTICSEARCH_HOST" -export MASTODON_CFG_ES_HOST="$MASTODON_ELASTICSEARCH_HOST" -MASTODON_ELASTICSEARCH_PORT_NUMBER="${MASTODON_ELASTICSEARCH_PORT_NUMBER:-"${ES_PORT:-}"}" -export MASTODON_ELASTICSEARCH_PORT_NUMBER="${MASTODON_ELASTICSEARCH_PORT_NUMBER:-9200}" -export ES_PORT="$MASTODON_ELASTICSEARCH_PORT_NUMBER" -export MASTODON_CFG_ES_PORT="$MASTODON_ELASTICSEARCH_PORT_NUMBER" -MASTODON_ELASTICSEARCH_USER="${MASTODON_ELASTICSEARCH_USER:-"${ES_USER:-}"}" -export MASTODON_ELASTICSEARCH_USER="${MASTODON_ELASTICSEARCH_USER:-elastic}" -export ES_USER="$MASTODON_ELASTICSEARCH_USER" -export MASTODON_CFG_ES_USER="$MASTODON_ELASTICSEARCH_USER" -MASTODON_ELASTICSEARCH_PASSWORD="${MASTODON_ELASTICSEARCH_PASSWORD:-"${ES_PASS:-}"}" -export MASTODON_ELASTICSEARCH_PASSWORD="${MASTODON_ELASTICSEARCH_PASSWORD:-}" -export ES_PASS="$MASTODON_ELASTICSEARCH_PASSWORD" -export MASTODON_CFG_ES_PASS="$MASTODON_ELASTICSEARCH_PASSWORD" - -# S3 configuration -MASTODON_S3_ENABLED="${MASTODON_S3_ENABLED:-"${S3_ENABLED:-}"}" -export MASTODON_S3_ENABLED="${MASTODON_S3_ENABLED:-false}" -export S3_ENABLED="$MASTODON_S3_ENABLED" -export MASTODON_CFG_S3_ENABLED="$MASTODON_S3_ENABLED" -MASTODON_S3_BUCKET="${MASTODON_S3_BUCKET:-"${S3_BUCKET:-}"}" -export MASTODON_S3_BUCKET="${MASTODON_S3_BUCKET:-bitnami_mastodon}" -export S3_BUCKET="$MASTODON_S3_BUCKET" -export MASTODON_CFG_S3_BUCKET="$MASTODON_S3_BUCKET" -MASTODON_S3_HOSTNAME="${MASTODON_S3_HOSTNAME:-"${S3_HOSTNAME:-}"}" -export MASTODON_S3_HOSTNAME="${MASTODON_S3_HOSTNAME:-minio}" -export S3_HOSTNAME="$MASTODON_S3_HOSTNAME" -export MASTODON_CFG_S3_HOSTNAME="$MASTODON_S3_HOSTNAME" -MASTODON_S3_PROTOCOL="${MASTODON_S3_PROTOCOL:-"${S3_PROTOCOL:-}"}" -export MASTODON_S3_PROTOCOL="${MASTODON_S3_PROTOCOL:-http}" -export S3_PROTOCOL="$MASTODON_S3_PROTOCOL" -export MASTODON_CFG_S3_PROTOCOL="$MASTODON_S3_PROTOCOL" -export MASTODON_S3_PORT_NUMBER="${MASTODON_S3_PORT_NUMBER:-9000}" -MASTODON_S3_ALIAS_HOST="${MASTODON_S3_ALIAS_HOST:-"${S3_ALIAS_HOST:-}"}" -export MASTODON_S3_ALIAS_HOST="${MASTODON_S3_ALIAS_HOST:-localhost:${MASTODON_S3_PORT_NUMBER}}" -export S3_ALIAS_HOST="$MASTODON_S3_ALIAS_HOST" -export MASTODON_CFG_S3_ALIAS_HOST="$MASTODON_S3_ALIAS_HOST" -MASTODON_AWS_SECRET_ACCESS_KEY="${MASTODON_AWS_SECRET_ACCESS_KEY:-"${AWS_SECRET_ACCESS_KEY:-}"}" -export MASTODON_AWS_SECRET_ACCESS_KEY="${MASTODON_AWS_SECRET_ACCESS_KEY:-}" -export AWS_SECRET_ACCESS_KEY="$MASTODON_AWS_SECRET_ACCESS_KEY" -export MASTODON_CFG_AWS_SECRET_ACCESS_KEY="$MASTODON_AWS_SECRET_ACCESS_KEY" -MASTODON_AWS_ACCESS_KEY_ID="${MASTODON_AWS_ACCESS_KEY_ID:-"${AWS_ACCESS_KEY_ID:-}"}" -export MASTODON_AWS_ACCESS_KEY_ID="${MASTODON_AWS_ACCESS_KEY_ID:-}" -export AWS_ACCESS_KEY_ID="$MASTODON_AWS_ACCESS_KEY_ID" -export MASTODON_CFG_AWS_ACCESS_KEY_ID="$MASTODON_AWS_ACCESS_KEY_ID" -export MASTODON_S3_REGION="${MASTODON_S3_REGION:-us-east-1}" -MASTODON_S3_ENDPOINT="${MASTODON_S3_ENDPOINT:-"${S3_ENDPOINT:-}"}" -export MASTODON_S3_ENDPOINT="${MASTODON_S3_ENDPOINT:-${MASTODON_S3_PROTOCOL}://${MASTODON_S3_HOSTNAME}:${MASTODON_S3_PORT_NUMBER}}" -export S3_ENDPOINT="$MASTODON_S3_ENDPOINT" -export MASTODON_CFG_S3_ENDPOINT="$MASTODON_S3_ENDPOINT" -export MASTODON_STARTUP_ATTEMPTS="${MASTODON_STARTUP_ATTEMPTS:-40}" - -# Rails and node variables -export NODE_ENV="production" -export RAILS_ENV="production" - -# Mastodon system parameters -export MASTODON_DAEMON_USER="mastodon" -export MASTODON_DAEMON_GROUP="mastodon" - -# Custom environment variables may be defined below diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/entrypoint.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/entrypoint.sh deleted file mode 100755 index 5ce54ab73a61..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/entrypoint.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Mastodon environment variables -. /opt/bitnami/scripts/mastodon-env.sh - -print_welcome_page - -if [[ "$1" = "/opt/bitnami/scripts/mastodon/run.sh" ]]; then - info "** Starting Mastodon ${MASTODON_MODE} setup **" - /opt/bitnami/scripts/mastodon/setup.sh - info "** Mastodon ${MASTODON_MODE} setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/postunpack.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/postunpack.sh deleted file mode 100755 index 4841cf8c1964..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/postunpack.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libmastodon.sh - -# Load Mastodon environment variables -. /opt/bitnami/scripts/mastodon-env.sh - -# System User -ensure_user_exists "$MASTODON_DAEMON_USER" --group "$MASTODON_DAEMON_GROUP" --home "/home/${MASTODON_DAEMON_USER}" --system - -for dir in "$MASTODON_VOLUME_DIR" "$MASTODON_TMP_DIR" "$MASTODON_SYSTEM_DIR" "$MASTODON_ASSETS_DIR"; do - ensure_dir_exists "$dir" - configure_permissions_ownership "$dir" -d "775" -f "664" -g "root" -done - -# We need to give write permissions to the public folder so we can persist the system and assets folders -chmod g+rwX "${MASTODON_BASE_DIR}/public" - -# HACK: In order to allow accessing from different hosts and to enable/disable HTTPS in -# production mode, we need to change some Rails configuration files -# https://github.com/mastodon/mastodon/blob/main/config/initializers/1_hosts.rb#L33 -# https://github.com/mastodon/mastodon/blob/main/config/environments/production.rb#L47 - -# Make HTTPS mode depend on an environment variable and not the RAILS_ENV -replace_in_file "${MASTODON_BASE_DIR}/config/initializers/1_hosts.rb" "https = Rails.env.production[?]" "https = ENV['MASTODON_HTTPS_ENABLED'] == 'true'" - -# Clear authorized hosts array when MASTODON_ALLOW_ALL_DOMAINS is set to true -replace_in_file "${MASTODON_BASE_DIR}/config/initializers/1_hosts.rb" "config.host_authorization" "config.hosts.clear if ENV['MASTODON_ALLOW_ALL_DOMAINS'] == 'true'\n config.host_authorization" - -# Make HTTPS forced redirect to depend on the MASTODON_HTTPS_ENABLED variable -replace_in_file "${MASTODON_BASE_DIR}/config/environments/production.rb" "config.force_ssl = true" "config.force_ssl = ENV['MASTODON_HTTPS_ENABLED'] == 'true'" - -# Add symlinks to the default paths to make a similar UX as the upstream Mastodon container -# https://github.com/mastodonorg/mastodon/blob/release/Dockerfile#L6 -ln -s "${MASTODON_BASE_DIR}" "/opt/mastodon" diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/run.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/run.sh deleted file mode 100755 index 78b28575b5a1..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/run.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libmastodon.sh - -# Load Mastodon environment variables -. /opt/bitnami/scripts/mastodon-env.sh - -# Load Mastodon configuration -eval "$(mastodon_runtime_env)" - -declare cmd -declare -a args=() - -cd "${MASTODON_BASE_DIR}" || exit 1 - -# Both the web and streaming services use the same PORT environment -# variable, so we need to set it here. -# https://github.com/mastodon/mastodon/blob/main/Procfile.dev#L1 -if [[ "$MASTODON_MODE" == "web" ]]; then - # Web service - export PORT="${PORT:-$MASTODON_WEB_PORT_NUMBER}" - cmd="bundle" - args+=("exec" "puma" "-C" "config/puma.rb") -elif [[ "$MASTODON_MODE" == "streaming" ]]; then - # Streaming service - export PORT="${PORT:-$MASTODON_STREAMING_PORT_NUMBER}" - cmd="node" - args+=("./streaming") -else - # Sidekiq - cmd="bundle" - args+=("exec" "sidekiq") -fi - -info "** Starting Mastodon ${MASTODON_MODE} **" -if am_i_root; then - exec_as_user "$MASTODON_DAEMON_USER" "$cmd" "${args[@]}" -else - exec "$cmd" "${args[@]}" -fi diff --git a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/setup.sh b/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/setup.sh deleted file mode 100755 index ab89b438943b..000000000000 --- a/bitnami/mastodon/4/debian-11/rootfs/opt/bitnami/scripts/mastodon/setup.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmastodon.sh - -# Load Mastodon environment settings -. /opt/bitnami/scripts/mastodon-env.sh - -# Ensure Mastodon environment settings are valid -mastodon_validate -# Ensure 'mastodon' user exists when running as 'root' -am_i_root && ensure_user_exists "$MASTODON_DAEMON_USER" --group "$MASTODON_DAEMON_GROUP" - -mastodon_initialize diff --git a/bitnami/mastodon/4/debian-11/tags-info.yaml b/bitnami/mastodon/4/debian-11/tags-info.yaml deleted file mode 100644 index 7974bc473fc0..000000000000 --- a/bitnami/mastodon/4/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "4" -- 4-debian-11 -- 4.2.7 -- latest diff --git a/bitnami/matomo/5/debian-11/Dockerfile b/bitnami/matomo/5/debian-11/Dockerfile deleted file mode 100644 index 62b9761e8b1d..000000000000 --- a/bitnami/matomo/5/debian-11/Dockerfile +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:04:50Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.0.2-debian-11-r18" \ - org.opencontainers.image.title="matomo" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.0.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates cron curl libaudit1 libbrotli1 libbsd0 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 libldap-common liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre2-8-0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 openssl procps rsync zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "php-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-6-linux-${OS_ARCH}-debian-11" \ - "mysql-client-10.11.7-0-linux-${OS_ARCH}-debian-11" \ - "libphp-8.2.16-0-linux-${OS_ARCH}-debian-11" \ - "ini-file-1.4.6-8-linux-${OS_ARCH}-debian-11" \ - "matomo-5.0.2-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN sed -i -e '/pam_loginuid.so/ s/^#*/#/' /etc/pam.d/cron - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -RUN /opt/bitnami/scripts/apache-modphp/postunpack.sh -RUN /opt/bitnami/scripts/matomo/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="5.0.2" \ - BITNAMI_APP_NAME="matomo" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:$PATH" - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/matomo/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/matomo/run.sh" ] diff --git a/bitnami/matomo/5/debian-11/docker-compose.yml b/bitnami/matomo/5/debian-11/docker-compose.yml deleted file mode 100644 index 8e4d87cd8a7c..000000000000 --- a/bitnami/matomo/5/debian-11/docker-compose.yml +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: "2" -services: - mariadb: - image: docker.io/bitnami/mariadb:10.11 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_matomo - - MARIADB_DATABASE=bitnami_matomo - # Flag necessary for the database max allowed packet check - # https://matomo.org/faq/troubleshooting/faq_183/ - - MARIADB_EXTRA_FLAGS=--max_allowed_packet=64MB - volumes: - - "mariadb_data:/bitnami/mariadb" - matomo: - image: docker.io/bitnami/matomo:5 - ports: - - "80:8080" - - "443:8443" - environment: - - MATOMO_DATABASE_HOST=mariadb - - MATOMO_DATABASE_PORT_NUMBER=3306 - - MATOMO_DATABASE_USER=bn_matomo - - MATOMO_DATABASE_NAME=bitnami_matomo - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - "matomo_data:/bitnami/matomo" - depends_on: - - mariadb -volumes: - mariadb_data: - driver: local - matomo_data: - driver: local diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index b8aea8c39cd0..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-6" - }, - "ini-file": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.4.6-8" - }, - "libphp": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "matomo": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.0.2-0" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "10.11.7-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.2.16-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - } -} \ No newline at end of file diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/matomo/5/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmatomo.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmatomo.sh deleted file mode 100644 index 23103a1fdf1d..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmatomo.sh +++ /dev/null @@ -1,425 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Matomo library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Validate settings in MATOMO_* env vars -# Globals: -# MATOMO_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -matomo_validate() { - debug "Validating settings in MATOMO_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate credentials - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - else - for empty_env_var in "MATOMO_DATABASE_PASSWORD" "MATOMO_PASSWORD"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Check yes no values - for yes_no_var in "MATOMO_ENABLE_DATABASE_SSL" "MATOMO_ENABLE_PROXY_URI_HEADER" "MATOMO_VERIFY_DATABASE_SSL" "MATOMO_ENABLE_FORCE_SSL" "MATOMO_ENABLE_ASSUME_SECURE_PROTOCOL"; do - check_yes_no_value "${yes_no_var}" - done - - # Validate SMTP credentials - if ! is_empty_value "$MATOMO_SMTP_HOST"; then - for empty_env_var in "MATOMO_SMTP_USER" "MATOMO_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - is_empty_value "$MATOMO_SMTP_PORT_NUMBER" && print_validation_error "The MATOMO_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$MATOMO_SMTP_PORT_NUMBER" && check_valid_port "MATOMO_SMTP_PORT_NUMBER" - ! is_empty_value "$MATOMO_SMTP_PROTOCOL" && check_multi_value "MATOMO_SMTP_PROTOCOL" "ssl tls none" - ! is_empty_value "$MATOMO_SMTP_AUTH" && check_multi_value "MATOMO_SMTP_AUTH" "Plain Login Crammd5" - fi - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Ensure Matomo is initialized -# Globals: -# MATOMO_* -# Arguments: -# None -# Returns: -# None -######################### -matomo_initialize() { - # Update Matomo configuration via mounted configuration files and environment variables - # Check if Matomo has already been initialized and persisted in a previous run - local db_host db_port db_name db_user db_pass - local -r app_name="matomo" - if ! is_app_initialized "$app_name"; then - # Ensure Matomo persisted directories exist (i.e. when a volume has been mounted to /bitnami) - info "Ensuring Matomo directories exist" - ensure_dir_exists "$MATOMO_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$MATOMO_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - info "Trying to connect to the database server" - db_host="$MATOMO_DATABASE_HOST" - db_port="$MATOMO_DATABASE_PORT_NUMBER" - db_name="$MATOMO_DATABASE_NAME" - db_user="$MATOMO_DATABASE_USER" - db_pass="$MATOMO_DATABASE_PASSWORD" - matomo_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - - if ! is_boolean_yes "$MATOMO_SKIP_BOOTSTRAP"; then - matomo_pass_wizard - local -a mysql_execute_args=("$db_host" "$db_port" "$db_name" "$db_user" "$db_pass") - if am_i_root; then - ## If the application is running as root, the cron jobs will be executed, so we need to disable - ## the browser-triggered archiving so the "Last Successful Archiving Completion" check passes. - ## In a non-root container we can only use the browser-triggered archiving, meaning that the - ## system check will show a warning (but not a failure) - ## https://matomo.org/docs/setup-auto-archiving/ - mysql_remote_execute "${mysql_execute_args[@]}" < /dev/null 2>> ${MATOMO_BASE_DIR}/tmp/logs/matomo-cron.log" --run-as "$WEB_SERVER_DAEMON_USER" --schedule "*/1 * * * *" - else - warn "Skipping cron configuration for Matomo because of running as a non-root user" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add or modify an entry in the Matomo configuration file (config.inc.php) -# Globals: -# MATOMO_* -# Arguments: -# $1 - PHP variable name -# $2 - Value to assign to the PHP variable -# $3 - Whether the value is a literal, or if instead it should be quoted (default: no) -# Returns: -# None -######################### -matomo_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r is_literal="${3:-no}" - debug "Setting ${key} to '${value}' in Matomo configuration (literal: ${is_literal})" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(//\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<<"$key")\s*=.*" - local entry - is_boolean_yes "$is_literal" && entry="${key} = $value;" || entry="${key} = '$value';" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$MATOMO_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$MATOMO_CONF_FILE" "$sanitized_pattern" "$entry" - else - # The Matomo configuration file includes all supported keys, but because of its format, - # we cannot append contents to the end. We can assume thi - warn "Could not set the Matomo '${key}' configuration. Check that the file has not been modified externally." - fi -} - -######################## -# Get an entry from the Matomo configuration file (config.inc.php) -# Globals: -# MATOMO_* -# Arguments: -# $1 - PHP variable name -# Returns: -# None -######################### -matomo_conf_get() { - local -r key="${1:?key missing}" - debug "Getting ${key} from Matomo configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(//\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<<"$key")\s*=([^;]+);" - debug "$sanitized_pattern" - grep -E "$sanitized_pattern" "$MATOMO_CONF_FILE" | sed -E "s|${sanitized_pattern}|\2|" | tr -d "\"' " -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -matomo_wait_for_db_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Pass Matomo wizard -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the wizard succeeded, false otherwise -######################### -matomo_pass_wizard() { - local -r port="${WEB_SERVER_HTTP_PORT_NUMBER:-"$WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER"}" - local wizard_url cookie_file curl_output - local -a curl_opts curl_data_opts - wizard_url="http://127.0.0.1:${port}/" - cookie_file="/tmp/cookie$(generate_random_string -t alphanumeric -c 8)" - curl_opts=("--location" "--silent" "--cookie" "$cookie_file" "--cookie-jar" "$cookie_file") - # Ensure the web server is started - web_server_start - info "Passing Matomo installation wizard" - # Step 0: Get cookies - debug_execute "curl" "${curl_opts[@]}" "$wizard_url" - # Step 1: System check - curl_data_opts=( - "--data-urlencode" "action=systemCheck" - ) - debug_execute "curl" "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" - - # Step 2: Database setup - curl_data_opts=( - "--data-urlencode" "action=databaseSetup" - "--data-urlencode" "host=${MATOMO_DATABASE_HOST}:${MATOMO_DATABASE_PORT_NUMBER}" - "--data-urlencode" "username=${MATOMO_DATABASE_USER}" - "--data-urlencode" "password=${MATOMO_DATABASE_PASSWORD}" - "--data-urlencode" "dbname=${MATOMO_DATABASE_NAME}" - "--data-urlencode" "tables_prefix=${MATOMO_DATABASE_TABLE_PREFIX}" - "--data-urlencode" "adapter=MYSQLI" - ) - debug_execute "curl" "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" - - # Step 3: Create tables - curl_data_opts=( - "--data-urlencode" "action=tablesCreation" - "--data-urlencode" "module=Installation" - ) - debug_execute "curl" "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" - - # Step 4: Setup super-user - curl_data_opts=( - "--data-urlencode" "action=setupSuperUser" - "--data-urlencode" "module=Installation" - "--data-urlencode" "login=${MATOMO_USERNAME}" - "--data-urlencode" "password=${MATOMO_PASSWORD}" - "--data-urlencode" "password_bis=${MATOMO_PASSWORD}" - "--data-urlencode" "email=${MATOMO_EMAIL}" - ) - debug_execute "curl" "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" - - # Step 5: Setup first tracking website - curl_data_opts=( - "--data-urlencode" "action=firstWebsiteSetup" - "--data-urlencode" "module=Installation" - "--data-urlencode" "siteName=${MATOMO_WEBSITE_NAME}" - "--data-urlencode" "url=${MATOMO_WEBSITE_HOST}" - "--data-urlencode" "timezone=UTC-8" - ) - debug_execute "curl" "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" - - # Step 6: Tracking code - curl_data_opts=( - "--data-urlencode" "action=trackingCode" - "--data-urlencode" "module=Installation" - ) - - # Step 7: Finish installation - curl_data_opts=( - "--data-urlencode" "action=finished" - "--data-urlencode" "module=Installation" - ) - - curl_output="$(curl "${curl_opts[@]}" "${curl_data_opts[@]}" "${wizard_url}" 2>/dev/null)" - - if [[ "$curl_output" != *"Success"* ]]; then - error "An error occurred while installing Matomo" - debug "$curl_output" - return 1 - else - info "Matomo wizard finished successfully" - fi - # Stop the web server afterwards - web_server_stop -} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh deleted file mode 100644 index fc8e6ee12d28..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ /dev/null @@ -1,1094 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MySQL Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh - -######################## -# Validate settings in MYSQL_CLIENT_* environment variables -# Globals: -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_validate() { - info "Validating settings in MYSQL_CLIENT_* env vars" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - empty_password_enabled_warn() { - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - } - empty_password_error() { - print_validation_error "The $1 environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow the container to be started with blank passwords. This is recommended only for development." - } - backslash_password_error() { - print_validation_error "The password cannot contain backslashes ('\'). Set the environment variable $1 with no backslashes (more info at https://dev.mysql.com/doc/refman/8.0/en/string-comparison-functions.html)" - } - - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - - check_multi_value() { - if [[ " ${2} " != *" ${!1} "* ]]; then - print_validation_error "The allowed values for ${1} are: ${2}" - fi - } - - # Only validate environment variables if any action needs to be performed - check_yes_no_value "MYSQL_CLIENT_ENABLE_SSL_WRAPPER" - check_multi_value "MYSQL_CLIENT_FLAVOR" "mariadb mysql" - - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - empty_password_enabled_warn - else - if [[ -z "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && [[ -z "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]]; then - empty_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - if [[ "${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" - fi - if [[ "${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" = *\\* ]]; then - backslash_password_error "MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" - fi - fi - return "$error_code" -} - -######################## -# Perform actions to a database -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_initialize() { - # Wrap binary to force the usage of SSL - if is_boolean_yes "$MYSQL_CLIENT_ENABLE_SSL_WRAPPER"; then - mysql_client_wrap_binary_for_ssl - fi - # Wait for the database to be accessible if any action needs to be performed - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" || -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Trying to connect to the database server" - check_mysql_connection() { - echo "SELECT 1" | mysql_execute "mysql" "$MYSQL_CLIENT_DATABASE_ROOT_USER" "$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" "-h" "$MYSQL_CLIENT_DATABASE_HOST" "-P" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database server" - return 1 - fi - fi - # Ensure a database user exists in the server - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]]; then - info "Creating database user ${MYSQL_CLIENT_CREATE_DATABASE_USER}" - local -a args=("$MYSQL_CLIENT_CREATE_DATABASE_USER" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" ]] && args+=("-p" "$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD") - [[ -n "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" ]] && args+=("--auth-plugin" "$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN") - mysql_ensure_optional_user_exists "${args[@]}" - fi - # Ensure a database exists in the server (and that the user has write privileges, if specified) - if [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_NAME" ]]; then - info "Creating database ${MYSQL_CLIENT_CREATE_DATABASE_NAME}" - local -a createdb_args=("$MYSQL_CLIENT_CREATE_DATABASE_NAME" "--host" "$MYSQL_CLIENT_DATABASE_HOST" "--port" "$MYSQL_CLIENT_DATABASE_PORT_NUMBER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_USER" ]] && createdb_args+=("-u" "$MYSQL_CLIENT_CREATE_DATABASE_USER") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" ]] && createdb_args+=("--character-set" "$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" ]] && createdb_args+=("--collate" "$MYSQL_CLIENT_CREATE_DATABASE_COLLATE") - [[ -n "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" ]] && createdb_args+=("--privileges" "$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES") - mysql_ensure_optional_database_exists "${createdb_args[@]}" - fi -} - -######################## -# Wrap binary to force the usage of SSL -# Globals: -# DB_* -# MYSQL_CLIENT_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_client_wrap_binary_for_ssl() { - local wrapper_file="${DB_BIN_DIR}/mysql" - # In MySQL Client 10.6, mysql is a link to the mariadb binary - if [[ -f "${DB_BIN_DIR}/mariadb" ]]; then - wrapper_file="${DB_BIN_DIR}/mariadb" - fi - local -r wrapped_binary_file="${DB_BASE_DIR}/.bin/mysql" - local -a ssl_opts=() - read -r -a ssl_opts <<<"$(mysql_client_extra_opts)" - - mv "$wrapper_file" "$wrapped_binary_file" - cat >"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null - wait - exit $? -} -trap _forwardTerm TERM - -# Start cron -if am_i_root; then - info "** Starting cron **" - if ! cron_start; then - error "Failed to start cron. Check that it is installed and its configuration is correct." - exit 1 - fi -else - warn "Cron will not be started because of running as a non-root user" -fi - -# Start Apache -if [[ -f "/opt/bitnami/scripts/nginx-php-fpm/run.sh" ]]; then - exec "/opt/bitnami/scripts/nginx-php-fpm/run.sh" -else - exec "/opt/bitnami/scripts/$(web_server_type)/run.sh" -fi diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/matomo/setup.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/matomo/setup.sh deleted file mode 100755 index c8ba88c8d43e..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/matomo/setup.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load Matomo environment -. /opt/bitnami/scripts/matomo-env.sh - -# Load MySQL Client environment for 'mysql_remote_execute' (after 'matomo-env.sh' so that MODULE is not set to a wrong value) -if [[ -f /opt/bitnami/scripts/mysql-client-env.sh ]]; then - . /opt/bitnami/scripts/mysql-client-env.sh -elif [[ -f /opt/bitnami/scripts/mysql-env.sh ]]; then - . /opt/bitnami/scripts/mysql-env.sh -elif [[ -f /opt/bitnami/scripts/mariadb-env.sh ]]; then - . /opt/bitnami/scripts/mariadb-env.sh -fi - -# Load libraries -. /opt/bitnami/scripts/libmatomo.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load web server environment and functions (after Matomo environment file so MODULE is not set to a wrong value) -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" -# Load PHP environment for cron configuration (after 'matomo-env.sh' so that MODULE is not set to a wrong value) -. /opt/bitnami/scripts/php-env.sh - -# Ensure Matomo environment variables are valid -matomo_validate - -# Update web server configuration with runtime environment (needs to happen before the initialization) -web_server_update_app_configuration "matomo" - -# Ensure Matomo is initialized -matomo_initialize diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh deleted file mode 100644 index 5220ed4ea36d..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client-env.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for mysql - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-mysql}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -mysql_env_vars=( - MYSQL_CLIENT_FLAVOR - ALLOW_EMPTY_PASSWORD - MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN - MYSQL_CLIENT_DATABASE_HOST - MYSQL_CLIENT_DATABASE_PORT_NUMBER - MYSQL_CLIENT_DATABASE_ROOT_USER - MYSQL_CLIENT_DATABASE_ROOT_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_NAME - MYSQL_CLIENT_CREATE_DATABASE_USER - MYSQL_CLIENT_CREATE_DATABASE_PASSWORD - MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET - MYSQL_CLIENT_CREATE_DATABASE_COLLATE - MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES - MYSQL_CLIENT_ENABLE_SSL_WRAPPER - MYSQL_CLIENT_ENABLE_SSL - MYSQL_CLIENT_SSL_CA_FILE - MYSQL_CLIENT_SSL_CERT_FILE - MYSQL_CLIENT_SSL_KEY_FILE - MYSQL_CLIENT_EXTRA_FLAGS - MARIADB_AUTHENTICATION_PLUGIN - MARIADB_HOST - MARIADB_PORT_NUMBER - MARIADB_ROOT_USER - MARIADB_ROOT_PASSWORD -) -for env_var in "${mysql_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset mysql_env_vars -export MYSQL_CLIENT_FLAVOR="${MYSQL_CLIENT_FLAVOR:-mariadb}" -export DB_FLAVOR="$MYSQL_CLIENT_FLAVOR" - -# Paths -export DB_BASE_DIR="${BITNAMI_ROOT_DIR}/mysql" -export DB_VOLUME_DIR="${BITNAMI_VOLUME_DIR}/mysql" -export DB_DATA_DIR="${DB_VOLUME_DIR}/data" -export DB_BIN_DIR="${DB_BASE_DIR}/bin" -export DB_SBIN_DIR="${DB_BASE_DIR}/bin" -export DB_CONF_DIR="${DB_BASE_DIR}/conf" -export DB_DEFAULT_CONF_DIR="${DB_BASE_DIR}/conf.default" -export DB_LOGS_DIR="${DB_BASE_DIR}/logs" -export DB_TMP_DIR="${DB_BASE_DIR}/tmp" -export DB_CONF_FILE="${DB_CONF_DIR}/my.cnf" -export DB_PID_FILE="${DB_TMP_DIR}/mysqld.pid" -export DB_SOCKET_FILE="${DB_TMP_DIR}/mysql.sock" -export PATH="${DB_SBIN_DIR}:${DB_BIN_DIR}:/opt/bitnami/common/bin:${PATH}" - -# System users (when running with a privileged user) -export DB_DAEMON_USER="mysql" -export DB_DAEMON_GROUP="mysql" - -# MySQL client configuration -export ALLOW_EMPTY_PASSWORD="${ALLOW_EMPTY_PASSWORD:-no}" -MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-"${MARIADB_AUTHENTICATION_PLUGIN:-}"}" -export MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN="${MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN:-}" -export DB_AUTHENTICATION_PLUGIN="$MYSQL_CLIENT_DATABASE_AUTHENTICATION_PLUGIN" -MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-"${MARIADB_HOST:-}"}" -export MYSQL_CLIENT_DATABASE_HOST="${MYSQL_CLIENT_DATABASE_HOST:-mariadb}" -export DB_HOST="$MYSQL_CLIENT_DATABASE_HOST" -MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-"${MARIADB_PORT_NUMBER:-}"}" -export MYSQL_CLIENT_DATABASE_PORT_NUMBER="${MYSQL_CLIENT_DATABASE_PORT_NUMBER:-3306}" -export DB_PORT_NUMBER="$MYSQL_CLIENT_DATABASE_PORT_NUMBER" -MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-"${MARIADB_ROOT_USER:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_USER="${MYSQL_CLIENT_DATABASE_ROOT_USER:-root}" -export DB_ROOT_USER="$MYSQL_CLIENT_DATABASE_ROOT_USER" # only used during the first initialization -MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-"${MARIADB_ROOT_PASSWORD:-}"}" -export MYSQL_CLIENT_DATABASE_ROOT_PASSWORD="${MYSQL_CLIENT_DATABASE_ROOT_PASSWORD:-}" -export DB_ROOT_PASSWORD="$MYSQL_CLIENT_DATABASE_ROOT_PASSWORD" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_NAME="${MYSQL_CLIENT_CREATE_DATABASE_NAME:-}" -export DB_CREATE_DATABASE_NAME="$MYSQL_CLIENT_CREATE_DATABASE_NAME" # only used during the first initialization -export MYSQL_CLIENT_CREATE_DATABASE_USER="${MYSQL_CLIENT_CREATE_DATABASE_USER:-}" -export DB_CREATE_DATABASE_USER="$MYSQL_CLIENT_CREATE_DATABASE_USER" -export MYSQL_CLIENT_CREATE_DATABASE_PASSWORD="${MYSQL_CLIENT_CREATE_DATABASE_PASSWORD:-}" -export DB_CREATE_DATABASE_PASSWORD="$MYSQL_CLIENT_CREATE_DATABASE_PASSWORD" -export MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET="${MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET:-}" -export DB_CREATE_DATABASE_CHARACTER_SET="$MYSQL_CLIENT_CREATE_DATABASE_CHARACTER_SET" -export MYSQL_CLIENT_CREATE_DATABASE_COLLATE="${MYSQL_CLIENT_CREATE_DATABASE_COLLATE:-}" -export DB_CREATE_DATABASE_COLLATE="$MYSQL_CLIENT_CREATE_DATABASE_COLLATE" -export MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES="${MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES:-}" -export DB_CREATE_DATABASE_PRIVILEGES="$MYSQL_CLIENT_CREATE_DATABASE_PRIVILEGES" -export MYSQL_CLIENT_ENABLE_SSL_WRAPPER="${MYSQL_CLIENT_ENABLE_SSL_WRAPPER:-no}" -export DB_ENABLE_SSL_WRAPPER="$MYSQL_CLIENT_ENABLE_SSL_WRAPPER" -export MYSQL_CLIENT_ENABLE_SSL="${MYSQL_CLIENT_ENABLE_SSL:-no}" -export DB_ENABLE_SSL="$MYSQL_CLIENT_ENABLE_SSL" -export MYSQL_CLIENT_SSL_CA_FILE="${MYSQL_CLIENT_SSL_CA_FILE:-}" -export DB_SSL_CA_FILE="$MYSQL_CLIENT_SSL_CA_FILE" -export MYSQL_CLIENT_SSL_CERT_FILE="${MYSQL_CLIENT_SSL_CERT_FILE:-}" -export DB_SSL_CERT_FILE="$MYSQL_CLIENT_SSL_CERT_FILE" -export MYSQL_CLIENT_SSL_KEY_FILE="${MYSQL_CLIENT_SSL_KEY_FILE:-}" -export DB_SSL_KEY_FILE="$MYSQL_CLIENT_SSL_KEY_FILE" -export MYSQL_CLIENT_EXTRA_FLAGS="${MYSQL_CLIENT_EXTRA_FLAGS:-no}" -export DB_EXTRA_FLAGS="$MYSQL_CLIENT_EXTRA_FLAGS" - -# Custom environment variables may be defined below diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh deleted file mode 100755 index 79ec6ad52f2d..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -for dir in "$DB_BIN_DIR" "${DB_BASE_DIR}/.bin"; do - ensure_dir_exists "$dir" - chmod g+rwX "$dir" -done diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh deleted file mode 100755 index 13a2e13861ab..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/mysql-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmysqlclient.sh - -# Load MySQL Client environment variables -. /opt/bitnami/scripts/mysql-client-env.sh - -# Ensure MySQL Client environment variables settings are valid -mysql_client_validate -# Ensure MySQL Client is initialized -mysql_client_initialize diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php-env.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php-env.sh deleted file mode 100644 index 97043106ecb5..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php-env.sh +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for php - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-php}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -php_env_vars=( - PHP_FPM_LISTEN_ADDRESS - PHP_DATE_TIMEZONE - PHP_ENABLE_OPCACHE - PHP_MAX_EXECUTION_TIME - PHP_MAX_INPUT_TIME - PHP_MAX_INPUT_VARS - PHP_MEMORY_LIMIT - PHP_POST_MAX_SIZE - PHP_UPLOAD_MAX_FILESIZE - PHP_OPCACHE_ENABLED -) -for env_var in "${php_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset php_env_vars - -# Paths -export PHP_BASE_DIR="${BITNAMI_ROOT_DIR}/php" -export PHP_BIN_DIR="${PHP_BASE_DIR}/bin" -export PHP_CONF_DIR="${PHP_BASE_DIR}/etc" -export PHP_TMP_DIR="${PHP_BASE_DIR}/var/run" -export PHP_CONF_FILE="${PHP_CONF_DIR}/php.ini" - -# PHP default build-time configuration -export PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER="16" # only used at build time -export PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION="192" # only used at build time -export PHP_DEFAULT_OPCACHE_FILE_CACHE="${PHP_TMP_DIR}/opcache_file" # only used at build time - -# PHP-FPM configuration -export PHP_FPM_SBIN_DIR="${PHP_BASE_DIR}/sbin" -export PHP_FPM_LOGS_DIR="${PHP_BASE_DIR}/logs" -export PHP_FPM_LOG_FILE="${PHP_FPM_LOGS_DIR}/php-fpm.log" -export PHP_FPM_CONF_FILE="${PHP_CONF_DIR}/php-fpm.conf" -export PHP_FPM_PID_FILE="${PHP_TMP_DIR}/php-fpm.pid" -export PHP_FPM_DEFAULT_LISTEN_ADDRESS="${PHP_TMP_DIR}/www.sock" # only used at build time -export PHP_FPM_LISTEN_ADDRESS="${PHP_FPM_LISTEN_ADDRESS:-}" -export PATH="${PHP_FPM_SBIN_DIR}:${PHP_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export PHP_FPM_DAEMON_USER="daemon" -export PHP_FPM_DAEMON_GROUP="daemon" - -# PHP configuration -export PHP_DATE_TIMEZONE="${PHP_DATE_TIMEZONE:-}" -PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-"${PHP_OPCACHE_ENABLED:-}"}" -export PHP_ENABLE_OPCACHE="${PHP_ENABLE_OPCACHE:-}" -export PHP_EXPOSE_PHP="0" -export PHP_MAX_EXECUTION_TIME="${PHP_MAX_EXECUTION_TIME:-}" -export PHP_MAX_INPUT_TIME="${PHP_MAX_INPUT_TIME:-}" -export PHP_MAX_INPUT_VARS="${PHP_MAX_INPUT_VARS:-}" -export PHP_MEMORY_LIMIT="${PHP_MEMORY_LIMIT:-}" -export PHP_POST_MAX_SIZE="${PHP_POST_MAX_SIZE:-}" -export PHP_UPLOAD_MAX_FILESIZE="${PHP_UPLOAD_MAX_FILESIZE:-}" -export PHP_OUTPUT_BUFFERING="8196" - -# Custom environment variables may be defined below diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh deleted file mode 100755 index 9a8b9fe2bcd9..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/postunpack.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -# PHP OPcache optimizations -php_conf_set "opcache.interned_strings_buffer" "$PHP_DEFAULT_OPCACHE_INTERNED_STRINGS_BUFFER" -php_conf_set "opcache.memory_consumption" "$PHP_DEFAULT_OPCACHE_MEMORY_CONSUMPTION" -php_conf_set "opcache.file_cache" "$PHP_DEFAULT_OPCACHE_FILE_CACHE" - -# PHP-FPM configuration -php_conf_set "listen" "$PHP_FPM_DEFAULT_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - -# TMP dir configuration -php_conf_set "upload_tmp_dir" "${PHP_BASE_DIR}/tmp" -php_conf_set "session.save_path" "${PHP_TMP_DIR}/session" - -# Ensure directories used by PHP-FPM exist and have proper ownership and permissions -for dir in "$PHP_CONF_DIR" "${PHP_BASE_DIR}/tmp" "$PHP_TMP_DIR" "$PHP_FPM_LOGS_DIR" "${PHP_TMP_DIR}/session"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -info "Disabling PHP-FPM daemon user/group configuration" -mv "${PHP_CONF_DIR}/common.conf" "${PHP_CONF_DIR}/common.conf.disabled" -touch "${PHP_CONF_DIR}/common.conf" - -# Log to stdout/stderr for easy debugging -ln -sf "/dev/stdout" "$PHP_FPM_LOG_FILE" -php_conf_set "error_log" "/dev/stderr" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh deleted file mode 100755 index 4721f1b41abd..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/reload.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load PHP-FPM environment -. /opt/bitnami/scripts/php-env.sh - -# Load web server environment and functions -. "/opt/bitnami/scripts/$(web_server_type)-env.sh" - -error_code=0 - -if is_php_fpm_enabled; then - if is_php_fpm_not_running; then - error "php-fpm is not running" - error_code=1 - else - info "** Reloading PHP-FPM configuration **" - php_fpm_reload - fi -else - web_server_reload -fi - -exit "$error_code" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh deleted file mode 100755 index 14587e2006d7..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -/opt/bitnami/scripts/php/stop.sh -/opt/bitnami/scripts/php/start.sh diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/run.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/run.sh deleted file mode 100755 index f8fe567bef51..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/run.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -info "** Starting PHP-FPM **" -declare -a args=("--pid" "$PHP_FPM_PID_FILE" "--fpm-config" "$PHP_FPM_CONF_FILE" "-c" "$PHP_CONF_DIR" "-F") -exec "${PHP_FPM_SBIN_DIR}/php-fpm" "${args[@]}" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh deleted file mode 100755 index 7cb7d21fc5a3..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/setup.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -# Ensure PHP-FPM daemon user exists and required folder belongs to this user when running as 'root' -if am_i_root; then - ensure_user_exists "$PHP_FPM_DAEMON_USER" --group "$PHP_FPM_DAEMON_GROUP" - ensure_dir_exists "$PHP_TMP_DIR" - chown -R "${PHP_FPM_DAEMON_USER}:${PHP_FPM_DAEMON_GROUP}" "$PHP_TMP_DIR" - # Enable daemon configuration - if [[ ! -f "${PHP_CONF_DIR}/common.conf" ]]; then - cp "${PHP_CONF_DIR}/common.conf.disabled" "${PHP_CONF_DIR}/common.conf" - fi -fi - -php_initialize - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/start.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/start.sh deleted file mode 100755 index bb9dfd15fc86..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_not_running; then - nohup /opt/bitnami/scripts/php/run.sh >/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/matomo/5/debian-11/rootfs/post-init.d/php.sh b/bitnami/matomo/5/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/matomo/5/debian-11/rootfs/post-init.d/shell.sh b/bitnami/matomo/5/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/matomo/5/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/matomo/5/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/matomo/5/debian-11/rootfs/post-init.sh b/bitnami/matomo/5/debian-11/rootfs/post-init.sh deleted file mode 100755 index 67251273f7f6..000000000000 --- a/bitnami/matomo/5/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/matomo/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/matomo/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/matomo" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/matomo/.user_scripts_initialized" -fi diff --git a/bitnami/matomo/5/debian-11/tags-info.yaml b/bitnami/matomo/5/debian-11/tags-info.yaml deleted file mode 100644 index 0cc5837fe8a2..000000000000 --- a/bitnami/matomo/5/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "5" -- 5-debian-11 -- 5.0.2 -- latest diff --git a/bitnami/mediawiki/1/debian-11/Dockerfile b/bitnami/mediawiki/1/debian-11/Dockerfile deleted file mode 100644 index d617ece21579..000000000000 --- a/bitnami/mediawiki/1/debian-11/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:48:08Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.41.0-debian-11-r19" \ - org.opencontainers.image.title="mediawiki" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.41.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages acl ca-certificates curl libaudit1 libbrotli1 libbsd0 libbz2-1.0 libcap-ng0 libcom-err2 libcrypt1 libcurl4 libexpat1 libffi7 libfftw3-double3 libfontconfig1 libfreetype6 libgcc-s1 libgcrypt20 libglib2.0-0 libgmp10 libgnutls30 libgomp1 libgpg-error0 libgssapi-krb5-2 libhogweed6 libicu67 libidn2-0 libjpeg62-turbo libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 liblcms2-2 libldap-2.4-2 liblqr-1-0 libltdl7 liblzma5 libmagickcore-6.q16-6 libmagickwand-6.q16-6 libmd0 libmemcached11 libncurses6 libnettle8 libnghttp2-14 libonig5 libp11-kit0 libpam0g libpcre2-8-0 libpcre3 libpng16-16 libpq5 libpsl5 libreadline8 librtmp1 libsasl2-2 libsodium23 libsqlite3-0 libssh2-1 libssl1.1 libstdc++6 libsybdb5 libtasn1-6 libtidy5deb1 libtinfo6 libunistring2 libuuid1 libwebp6 libx11-6 libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxslt1.1 libzip4 openssl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "php-8.1.27-5-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.58-6-linux-${OS_ARCH}-debian-11" \ - "mysql-client-11.2.3-0-linux-${OS_ARCH}-debian-11" \ - "libphp-8.1.27-2-linux-${OS_ARCH}-debian-11" \ - "mediawiki-1.41.0-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/apache/postunpack.sh -RUN /opt/bitnami/scripts/php/postunpack.sh -RUN /opt/bitnami/scripts/apache-modphp/postunpack.sh -RUN /opt/bitnami/scripts/mediawiki/postunpack.sh -RUN /opt/bitnami/scripts/mysql-client/postunpack.sh -ENV APACHE_HTTPS_PORT_NUMBER="" \ - APACHE_HTTP_PORT_NUMBER="" \ - APP_VERSION="1.41.0" \ - BITNAMI_APP_NAME="mediawiki" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/php/bin:/opt/bitnami/php/sbin:/opt/bitnami/apache/bin:/opt/bitnami/mysql/bin:$PATH" - -EXPOSE 8080 8443 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mediawiki/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/apache/run.sh" ] diff --git a/bitnami/mediawiki/1/debian-11/docker-compose.yml b/bitnami/mediawiki/1/debian-11/docker-compose.yml deleted file mode 100644 index af970a67d4de..000000000000 --- a/bitnami/mediawiki/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - mariadb: - image: docker.io/bitnami/mariadb:11.2 - environment: - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - - MARIADB_USER=bn_mediawiki - - MARIADB_DATABASE=bitnami_mediawiki - volumes: - - 'mariadb_data:/bitnami/mariadb' - mediawiki: - image: docker.io/bitnami/mediawiki:1 - ports: - - '80:8080' - - '443:8443' - environment: - - MEDIAWIKI_DATABASE_HOST=mariadb - - MEDIAWIKI_DATABASE_PORT_NUMBER=3306 - - MEDIAWIKI_DATABASE_USER=bn_mediawiki - - MEDIAWIKI_DATABASE_NAME=bitnami_mediawiki - # ALLOW_EMPTY_PASSWORD is recommended only for development. - - ALLOW_EMPTY_PASSWORD=yes - volumes: - - 'mediawiki_data:/bitnami/mediawiki' - depends_on: - - mariadb -volumes: - mariadb_data: - driver: local - mediawiki_data: - driver: local diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 260dc3edbe8c..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "apache": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.4.58-6" - }, - "libphp": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.1.27-2" - }, - "mediawiki": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.41.0-1" - }, - "mysql-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "11.2.3-0" - }, - "php": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "8.1.27-5" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - } -} \ No newline at end of file diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mediawiki/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf deleted file mode 100644 index ca9bc1d6e4b6..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/deflate.conf +++ /dev/null @@ -1,5 +0,0 @@ - - AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css - AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript - AddOutputFilterByType DEFLATE application/rss+xml - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf deleted file mode 100644 index c0838da2a4e5..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/apache/conf/vhosts/00_status-vhost.conf +++ /dev/null @@ -1,7 +0,0 @@ - - ServerName status.localhost - - Require local - SetHandler server-status - - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh deleted file mode 100644 index 449481062e54..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-env.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for apache - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-apache}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -apache_env_vars=( - APACHE_HTTP_PORT_NUMBER - APACHE_HTTPS_PORT_NUMBER - APACHE_SERVER_TOKENS - APACHE_HTTP_PORT - APACHE_HTTPS_PORT -) -for env_var in "${apache_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset apache_env_vars -export WEB_SERVER_TYPE="apache" - -# Paths -export APACHE_BASE_DIR="${BITNAMI_ROOT_DIR}/apache" -export APACHE_BIN_DIR="${APACHE_BASE_DIR}/bin" -export APACHE_CONF_DIR="${APACHE_BASE_DIR}/conf" -export APACHE_HTDOCS_DIR="${APACHE_BASE_DIR}/htdocs" -export APACHE_TMP_DIR="${APACHE_BASE_DIR}/var/run" -export APACHE_LOGS_DIR="${APACHE_BASE_DIR}/logs" -export APACHE_VHOSTS_DIR="${APACHE_CONF_DIR}/vhosts" -export APACHE_HTACCESS_DIR="${APACHE_VHOSTS_DIR}/htaccess" -export APACHE_CONF_FILE="${APACHE_CONF_DIR}/httpd.conf" -export APACHE_PID_FILE="${APACHE_TMP_DIR}/httpd.pid" -export PATH="${APACHE_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# System users (when running with a privileged user) -export APACHE_DAEMON_USER="daemon" -export WEB_SERVER_DAEMON_USER="$APACHE_DAEMON_USER" -export APACHE_DAEMON_GROUP="daemon" -export WEB_SERVER_DAEMON_GROUP="$APACHE_DAEMON_GROUP" -export WEB_SERVER_GROUP="$APACHE_DAEMON_GROUP" - -# Apache configuration -export APACHE_DEFAULT_HTTP_PORT_NUMBER="8080" -export WEB_SERVER_DEFAULT_HTTP_PORT_NUMBER="$APACHE_DEFAULT_HTTP_PORT_NUMBER" # only used at build time -export APACHE_DEFAULT_HTTPS_PORT_NUMBER="8443" -export WEB_SERVER_DEFAULT_HTTPS_PORT_NUMBER="$APACHE_DEFAULT_HTTPS_PORT_NUMBER" # only used at build time -APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-"${APACHE_HTTP_PORT:-}"}" -export APACHE_HTTP_PORT_NUMBER="${APACHE_HTTP_PORT_NUMBER:-}" -export WEB_SERVER_HTTP_PORT_NUMBER="$APACHE_HTTP_PORT_NUMBER" -APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-"${APACHE_HTTPS_PORT:-}"}" -export APACHE_HTTPS_PORT_NUMBER="${APACHE_HTTPS_PORT_NUMBER:-}" -export WEB_SERVER_HTTPS_PORT_NUMBER="$APACHE_HTTPS_PORT_NUMBER" -export APACHE_SERVER_TOKENS="${APACHE_SERVER_TOKENS:-Prod}" - -# Custom environment variables may be defined below diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh deleted file mode 100755 index a415969338cc..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache-modphp/postunpack.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libversion.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh -. /opt/bitnami/scripts/php-env.sh - -# Enable required Apache modules -apache_enable_module "mpm_prefork_module" -php_version="$("${PHP_BIN_DIR}/php" -v | grep ^PHP | cut -d' ' -f2))" -php_major_version="$(get_sematic_version "$php_version" 1)" -if [[ "$php_major_version" -eq "8" ]]; then - apache_enable_module "php_module" "modules/libphp.so" -else - apache_enable_module "php${php_major_version}_module" "modules/libphp${php_major_version}.so" -fi - -# Disable incompatible Apache modules -apache_disable_module "mpm_event_module" - -# Write Apache configuration -apache_php_conf_file="${APACHE_CONF_DIR}/bitnami/php.conf" -cat > "$apache_php_conf_file" < - {{server_name_configuration}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl deleted file mode 100644 index 589538513c9c..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-https-vhost.conf.tpl +++ /dev/null @@ -1,10 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl deleted file mode 100644 index c895e537502a..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-generic-prefix.conf.tpl +++ /dev/null @@ -1 +0,0 @@ -{{additional_configuration}} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl deleted file mode 100644 index 96be8f822771..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-http-vhost.conf.tpl +++ /dev/null @@ -1,15 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl deleted file mode 100644 index 1ad938929726..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-https-vhost.conf.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - {{htaccess_include}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl deleted file mode 100644 index fc0f6c218196..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{extra_directory_configuration}} - -{{additional_configuration}} -{{htaccess_include}} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl deleted file mode 100644 index 9440b89d28bf..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-http-vhost.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - {{proxy_configuration}} - {{proxy_http_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl deleted file mode 100644 index 577cd461eb9d..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-https-vhost.conf.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - {{proxy_configuration}} - {{proxy_https_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl deleted file mode 100644 index 7ac08b131680..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-proxy-prefix.conf.tpl +++ /dev/null @@ -1,11 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - {{proxy_configuration}} - ProxyPass / {{proxy_address}} - ProxyPassReverse / {{proxy_address}} - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl deleted file mode 100644 index f518c7d42aab..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-http-vhost.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{http_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart http://localhost:{{http_port}}/ - - {{server_name_configuration}} - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_http_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl deleted file mode 100644 index 5aae54c37d3b..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-https-vhost.conf.tpl +++ /dev/null @@ -1,19 +0,0 @@ -{{https_listen_configuration}} -{{before_vhost_configuration}} -PassengerPreStart https://localhost:{{https_port}}/ - - {{server_name_configuration}} - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - DocumentRoot {{document_root}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - - {{additional_https_configuration}} - {{additional_configuration}} - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl deleted file mode 100644 index 2242d656b5a8..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/app-ruby-passenger-prefix.conf.tpl +++ /dev/null @@ -1,9 +0,0 @@ -{{prefix_conf}} - - Options -Indexes +FollowSymLinks -MultiViews - AllowOverride {{allow_override}} - {{acl_configuration}} - PassengerEnabled on - {{extra_directory_configuration}} - -{{additional_configuration}} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl deleted file mode 100644 index f1d31ed3ecc3..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami-ssl.conf.tpl +++ /dev/null @@ -1,29 +0,0 @@ -# Default SSL Virtual Host configuration. - - - LoadModule ssl_module modules/mod_ssl.so - - -Listen 443 -SSLProtocol all -SSLv2 -SSLv3 -SSLHonorCipherOrder on -SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4" -SSLPassPhraseDialog builtin -SSLSessionCache "shmcb:{{APACHE_LOGS_DIR}}/ssl_scache(512000)" -SSLSessionCacheTimeout 300 - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - SSLEngine on - SSLCertificateFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.crt" - SSLCertificateKeyFile "{{APACHE_CONF_DIR}}/bitnami/certs/server.key" - - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl deleted file mode 100644 index 75a255c3efee..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ /dev/null @@ -1,17 +0,0 @@ -# Default Virtual Host configuration. - -# Let Apache know we're behind a SSL reverse proxy -SetEnvIf X-Forwarded-Proto https HTTPS=on - - - DocumentRoot "{{APACHE_BASE_DIR}}/htdocs" - - Options Indexes FollowSymLinks - AllowOverride All - Require all granted - - - # Error Documents - ErrorDocument 503 /503.html - - diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh deleted file mode 100755 index dad82feba389..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -print_welcome_page - -if [[ "$*" == *"/opt/bitnami/scripts/apache/run.sh"* ]]; then - info "** Starting Apache setup **" - /opt/bitnami/scripts/apache/setup.sh - info "** Apache setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh deleted file mode 100755 index 6a480ad4ddde..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh - -######################## -# Sets up the default Bitnami configuration -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_setup_bitnami_config() { - local template_dir="${BITNAMI_ROOT_DIR}/scripts/apache/bitnami-templates" - - # Enable Apache modules - local -a modules_to_enable=( - "deflate_module" - "negotiation_module" - "proxy[^\s]*_module" - "rewrite_module" - "slotmem_shm_module" - "socache_shmcb_module" - "ssl_module" - "status_module" - "version_module" - ) - for module in "${modules_to_enable[@]}"; do - apache_enable_module "$module" - done - - # Disable Apache modules - local -a modules_to_disable=( - "http2_module" - "proxy_hcheck_module" - "proxy_html_module" - "proxy_http2_module" - ) - for module in "${modules_to_disable[@]}"; do - apache_disable_module "$module" - done - - # Bitnami customizations - ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" - render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - - # Add new configuration only once, to avoid a second postunpack run breaking Apache - local apache_conf_add - apache_conf_add="$(cat <>"$APACHE_CONF_FILE" < - RequestHeader unset Proxy - -EOF - fi -} - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -apache_setup_bitnami_config - -# Ensure non-root user has write permissions on a set of directories -for dir in "$APACHE_TMP_DIR" "$APACHE_CONF_DIR" "$APACHE_LOGS_DIR" "$APACHE_VHOSTS_DIR" "$APACHE_HTACCESS_DIR" "$APACHE_HTDOCS_DIR"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Create 'apache2' symlink pointing to the 'apache' directory, for compatibility with Bitnami Docs guides -ln -sf apache "${BITNAMI_ROOT_DIR}/apache2" - -ln -sf "/dev/stdout" "${APACHE_LOGS_DIR}/access_log" -ln -sf "/dev/stderr" "${APACHE_LOGS_DIR}/error_log" - -# This file is necessary for avoiding the error -# "unable to write random state" -# Source: https://stackoverflow.com/questions/94445/using-openssl-what-does-unable-to-write-random-state-mean - -touch /.rnd && chmod g+rw /.rnd diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh deleted file mode 100755 index 759c76157cc5..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/reload.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Reloading Apache configuration **" -exec "${APACHE_BIN_DIR}/apachectl" -k graceful diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh deleted file mode 100755 index a58851df0bab..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/restart.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -/opt/bitnami/scripts/apache/stop.sh -/opt/bitnami/scripts/apache/start.sh diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh deleted file mode 100755 index 01872e16a58a..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/run.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -info "** Starting Apache **" -exec "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" -D "FOREGROUND" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh deleted file mode 100755 index ab451b6c1442..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ /dev/null @@ -1,91 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libapache.sh - -# Load Apache environment -. /opt/bitnami/scripts/apache-env.sh - -# Ensure Apache environment variables are valid -apache_validate - -# Ensure Apache daemon user exists when running as 'root' -am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" - -# Generate SSL certs (without a passphrase) -ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" -if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then - info "Generating sample certificates" - SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" - SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" - SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" - SSL_SUBJ="/CN=example.com" - SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" - rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" - openssl genrsa -out "$SSL_KEY_FILE" 4096 - # OpenSSL version 1.0.x does not use the same parameters as OpenSSL >= 1.1.x - if [[ "$(openssl version | grep -oE "[0-9]+\.[0-9]+")" == "1.0" ]]; then - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" - else - openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" - fi - openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") - rm -f "$SSL_CSR_FILE" -fi -# Load SSL configuration -if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" -fi - -# Copy vhosts files -if ! is_dir_empty "/vhosts"; then - info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" - cp -Lr "/vhosts/." "${APACHE_VHOSTS_DIR}" -fi - -# Mount certificate files -if ! is_dir_empty "${APACHE_BASE_DIR}/certs"; then - warn "The directory '${APACHE_BASE_DIR}/certs' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '/certs' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#using-custom-ssl-certificates" - warn "Restoring certificates at '${APACHE_BASE_DIR}/certs' to '${APACHE_CONF_DIR}/bitnami/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "${APACHE_BASE_DIR}/certs" "${APACHE_CONF_DIR}/bitnami/certs" -elif ! is_dir_empty "/certs"; then - info "Mounting certificates files from '/certs'" - rm -rf "${APACHE_CONF_DIR}/bitnami/certs" - ln -sf "/certs" "${APACHE_CONF_DIR}/bitnami/certs" -fi - -# Mount application files -if ! is_dir_empty "/app"; then - info "Mounting application files from '/app'" - rm -rf "$APACHE_HTDOCS_DIR" - ln -sf "/app" "$APACHE_HTDOCS_DIR" -fi - -# Restore persisted configuration files (deprecated) -if ! is_dir_empty "/bitnami/apache/conf"; then - warn "The directory '/bitnami/apache/conf' was externally mounted. This is a legacy configuration and will be deprecated soon. Please mount certificate files at '${APACHE_CONF_DIR}' instead. Find an example at: https://github.com/bitnami/containers/tree/main/bitnami/apache#full-configuration" - warn "Restoring configuration at '/bitnami/apache/conf' to '${APACHE_CONF_DIR}'" - rm -rf "$APACHE_CONF_DIR" - ln -sf "/bitnami/apache/conf" "$APACHE_CONF_DIR" -fi - -# Update ports in configuration -[[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && info "Configuring the HTTP port" && apache_configure_http_port "$APACHE_HTTP_PORT_NUMBER" -[[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && info "Configuring the HTTPS port" && apache_configure_https_port "$APACHE_HTTPS_PORT_NUMBER" - -# Configure ServerTokens with user values -[[ -n "$APACHE_SERVER_TOKENS" ]] && info "Configuring Apache ServerTokens directive" && apache_configure_server_tokens "$APACHE_SERVER_TOKENS" - -# Fix logging issue when running as root -! am_i_root || chmod o+w "$(readlink /dev/stdout)" "$(readlink /dev/stderr)" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh deleted file mode 100755 index 28425368c332..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/start.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_not_running; then - "${APACHE_BIN_DIR}/httpd" -f "$APACHE_CONF_FILE" - if ! retry_while "is_apache_running"; then - error "apache did not start" - error_code=1 - else - info "apache started" - fi -else - info "apache is already running" -fi - -exit "$error_code" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh deleted file mode 100755 index 825fe8d37620..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -if is_apache_running; then - info "apache is already running" -else - info "apache is not running" -fi diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh deleted file mode 100755 index 8cca0a07ac64..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/apache/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libapache.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load Apache environment variables -. /opt/bitnami/scripts/apache-env.sh - -error_code=0 - -if is_apache_running; then - BITNAMI_QUIET=1 apache_stop - if ! retry_while "is_apache_not_running"; then - error "apache could not be stopped" - error_code=1 - else - info "apache stopped" - fi -else - info "apache is not running" -fi - -exit "$error_code" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libapache.sh deleted file mode 100644 index c83892a10c5f..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ /dev/null @@ -1,808 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Apache library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libservice.sh - -######################## -# Validate settings in APACHE_* env vars -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_validate() { - debug "Validating settings in APACHE_* environment variables" - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - check_allowed_port() { - local port_var="${1:?missing port variable}" - local -a validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - validate_port_args+=("${!port_var}") - if ! err=$(validate_port "${validate_port_args[@]}"); then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - [[ -w "$APACHE_CONF_FILE" ]] || warn "The Apache configuration file '${APACHE_CONF_FILE}' is not writable. Configurations based on environment variables will not be applied." - - if [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]]; then - if [[ "$APACHE_HTTP_PORT_NUMBER" -eq "$APACHE_HTTPS_PORT_NUMBER" ]]; then - print_validation_error "APACHE_HTTP_PORT_NUMBER and APACHE_HTTPS_PORT_NUMBER are bound to the same port!" - fi - fi - - [[ -n "$APACHE_HTTP_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTP_PORT_NUMBER - [[ -n "$APACHE_HTTPS_PORT_NUMBER" ]] && check_allowed_port APACHE_HTTPS_PORT_NUMBER - - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Configure Apache's HTTP port -# Globals: -# APACHE_CONF_FILE, APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_http_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r server_name_exp="s|^\s*#?\s*ServerName\s+([^:\s]+)(:[0-9]+)?$|ServerName \1:${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$listen_exp" -e "$server_name_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" - fi - - if [[ -w "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - apache_configuration="$(sed -E "$vhost_exp" "${APACHE_VHOSTS_DIR}/00_status-vhost.conf")" - echo "$apache_configuration" > "${APACHE_VHOSTS_DIR}/00_status-vhost.conf" - fi -} - -######################## -# Configure Apache's HTTPS port -# Globals: -# APACHE_CONF_DIR -# Arguments: -# None -# Returns: -# None -######################### -apache_configure_https_port() { - local -r port=${1:?missing port} - local -r listen_exp="s|^\s*Listen\s+([^:]*:)?[0-9]+\s*$|Listen ${port}|" - local -r vhost_exp="s|VirtualHost\s+([^:>]+)(:[0-9]+)|VirtualHost \1:${port}|" - local apache_configuration - - if [[ -w "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then - debug "Configuring port ${port} on file ${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - apache_configuration="$(sed -E -e "$listen_exp" -e "$vhost_exp" "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf")" - echo "$apache_configuration" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" - fi -} - -######################## -# Configure Apache's ServerTokens directive -# Globals: -# APACHE_CONF_DIR -# Arguments: -# $1 - Value for ServerTokens directive -# Returns: -# None -######################### -apache_configure_server_tokens() { - local -r value=${1:?missing value} - local -r server_tokens_exp="s|^\s*ServerTokens\s+\w+\s*$|ServerTokens ${value}|" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Configuring ServerTokens ${value} on file ${APACHE_CONF_FILE}" - apache_configuration="$(sed -E -e "$server_tokens_exp" "$APACHE_CONF_FILE")" - echo "$apache_configuration" > "$APACHE_CONF_FILE" - fi -} - -######################## -# Enable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to enable -# $2 - Path to module .so file (optional if already defined in httpd.conf) -# Returns: -# None -######################### -apache_enable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Enabling module '${name}'" - if grep -q -E "$regex" "$APACHE_CONF_FILE"; then - # Uncomment line if the module was already defined - replace_in_file "$APACHE_CONF_FILE" "$regex" "\1" - elif [[ -n "$file" ]]; then - # Add right after the last LoadModule, so all Apache modules are organized in the same section of the file - append_file_after_last_match "$APACHE_CONF_FILE" "^[#\s]*LoadModule" "LoadModule ${name} ${file}" - else - error "Module ${name} was not defined in ${APACHE_CONF_FILE}. Please specify the 'file' parameter for 'apache_enable_module'." - fi - fi -} - -######################## -# Disable a module in the Apache configuration file -# Globals: -# APACHE_CONF_FILE -# Arguments: -# $1 - Module to disable -# Returns: -# None -######################### -apache_disable_module() { - local -r name="${1:?missing name}" - local -r file="${2:-}" - local -r regex="[#\s]*(LoadModule\s+${name}\s+.*)$" - local apache_configuration - - if [[ -w "$APACHE_CONF_FILE" ]]; then - debug "Disabling module '${name}'" - replace_in_file "$APACHE_CONF_FILE" "$regex" "#\1" - fi -} - -######################## -# Stop Apache -# Globals: -# APACHE_* -# Arguments: -# None -# Returns: -# None -######################### -apache_stop() { - is_apache_not_running && return - stop_service_using_pid "$APACHE_PID_FILE" -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is running -######################## -is_apache_running() { - local pid - pid="$(get_pid_from_file "$APACHE_PID_FILE")" - if [[ -n "$pid" ]]; then - is_service_running "$pid" - else - false - fi -} - -######################## -# Check if Apache is running -# Globals: -# APACHE_PID_FILE -# Arguments: -# None -# Returns: -# Whether Apache is not running -######################## -is_apache_not_running() { - ! is_apache_running -} - -######################## -# Ensure configuration gets added to the main Apache configuration file -# Globals: -# APACHE_* -# Arguments: -# $1 - configuration string -# $2 - pattern to use for checking if the configuration already exists (default: $1) -# $3 - Apache configuration file (default: $APACHE_CONF_FILE) -# Returns: -# None -######################## -ensure_apache_configuration_exists() { - local -r conf="${1:?conf missing}" - local -r pattern="${2:-"$conf"}" - local -r conf_file="${3:-"$APACHE_CONF_FILE"}" - # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$conf_file"; then - if is_file_writable "$conf_file"; then - cat >> "$conf_file" <<< "$conf" - else - error "Could not add the following configuration to '${conf_file}:" - error "" - error "$(indent "$conf" 4)" - error "" - error "Include the configuration manually and try again." - return 1 - fi - fi -} - -######################## -# Collect all the .htaccess files from /opt/bitnami/$name and write the result in the 'htaccess' directory -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# $2 - Overwrite the original .htaccess with the explanation text (defaults to 'yes') -# Flags: -# --document-root - Path to document root directory -# Returns: -# None -######################## -apache_replace_htaccess_files() { - local -r app="${1:?missing app}" - local -r result_file="${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" - # Default options - local document_root="${BITNAMI_ROOT_DIR}/${app}" - local overwrite="yes" - local -a htaccess_files - local htaccess_dir - local htaccess_contents - # Validate arguments - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --document-root) - shift - document_root="$1" - ;; - --overwrite) - shift - overwrite="$1" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - if is_file_writable "$result_file"; then - # Locate all .htaccess files inside the document root - read -r -a htaccess_files <<< "$(find "$document_root" -name .htaccess -print0 | xargs -0)" - [[ "${#htaccess_files[@]}" = 0 ]] && return - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$result_file" ]] && touch "$result_file" && chmod g+rw "$result_file" - for htaccess_file in "${htaccess_files[@]}"; do - htaccess_dir="$(dirname "$htaccess_file")" - htaccess_contents="$(indent "$(< "$htaccess_file")" 2)" - # Skip if it was already included to the resulting htaccess file - if grep -q "^" <<< "$htaccess_contents"; then - continue - fi - # Add to the htaccess file - cat >> "$result_file" < -${htaccess_contents} - -EOF - # Overwrite the original .htaccess with the explanation text - if is_boolean_yes "$overwrite"; then - echo "# This configuration has been moved to the ${result_file} config file for performance and security reasons" > "$htaccess_file" - fi - done - elif [[ ! -f "$result_file" ]]; then - error "Could not create htaccess for ${app} at '${result_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} htaccess file '${result_file}' is not writable. Configurations based on environment variables will not be applied for this file." - return - fi -} - -######################## -# Ensure an Apache application configuration exists (in virtual host format) -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases (defaults to '*') -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render the app's virtual hosts with a .disabled prefix -# --disable-http - Whether to render the app's HTTP virtual host with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS virtual host with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --additional-configuration - Additional vhost configuration (no default) -# --additional-http-configuration - Additional HTTP vhost configuration (no default) -# --additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --before-vhost-configuration - Configuration to add before the directive (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# --proxy-address - Address where to proxy requests -# --proxy-configuration - Extra configuration for the proxy -# --proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_app_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=("*") - local allow_remote_connections="yes" - local disable="no" - local disable_http="no" - local disable_https="no" - local move_htaccess="yes" - # Template variables defaults - export additional_configuration="" - export additional_http_configuration="" - export additional_https_configuration="" - export before_vhost_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - export proxy_address="" - export proxy_configuration="" - export proxy_http_configuration="" - export proxy_https_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - --disable \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - export "${var_name}=yes" - ;; - --type \ - | --server-name \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --move-htaccess \ - | --additional-configuration \ - | --additional-http-configuration \ - | --additional-https-configuration \ - | --before-vhost-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - | --proxy-address \ - | --proxy-configuration \ - | --proxy-http-configuration \ - | --proxy-https-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - export "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct listen ports configuration (only to add when using non-standard ports) - export http_listen_configuration="" - export https_listen_configuration="" - [[ "$http_port" != "$default_http_port" ]] && http_listen_configuration="Listen ${http_port}" - [[ "$https_port" != "$default_https_port" ]] && https_listen_configuration="Listen ${https_port}" - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Construct ServerName/ServerAlias block - export server_name_configuration="" - if ! is_empty_value "${server_name:-}"; then - server_name_configuration="ServerName ${server_name}" - fi - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - server_name_configuration+=$'\n'"ServerAlias ${server_aliases[*]}" - fi - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$http_vhost" - elif [[ ! -f "$http_vhost" ]]; then - error "Could not create virtual host for ${app} at '${http_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - if is_file_writable "$https_vhost"; then - # Create file with root group write privileges, so it can be modified in non-root containers - [[ ! -f "$https_vhost" ]] && touch "$https_vhost" && chmod g+rw "$https_vhost" - render-template "${template_dir}/${template_name}-https-vhost.conf.tpl" | sed '/^\s*$/d' > "$https_vhost" - elif [[ ! -f "$https_vhost" ]]; then - error "Could not create virtual host for ${app} at '${https_vhost}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure an Apache application configuration does not exist anymore (in virtual hosts format) -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_apache_app_configuration_not_exists() { - local -r app="${1:?missing app}" - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Note that 'rm -f' will not fail if the files don't exist - # However if we lack permissions to remove the file, it will result in a non-zero exit code, as expected by this function - rm -f "$http_vhost" "$https_vhost" "${http_vhost}${disable_suffix}" "${https_vhost}${disable_suffix}" -} - -######################## -# Ensure Apache loads the configuration for an application in a URL prefix -# Globals: -# APACHE_* -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on what configuration template will be used, allowed values: php, (empty) -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --additional-configuration - Additional vhost configuration (no default) -# --allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --document-root - Path to document root directory -# --extra-directory-configuration - Extra configuration for the document root directory -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_apache_prefix_configuration_exists() { - local -r app="${1:?missing app}" - # Default options - local type="" - local allow_remote_connections="yes" - local move_htaccess="yes" - local prefix="/${app}" - # Template variables defaults - export additional_configuration="" - export allow_override="All" - export document_root="${BITNAMI_ROOT_DIR}/${app}" - export extra_directory_configuration="" - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --type \ - | --allow-remote-connections \ - | --move-htaccess \ - | --prefix \ - | --additional-configuration \ - | --allow-override \ - | --document-root \ - | --extra-directory-configuration \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # App .htaccess support (only when type is not defined) - export htaccess_include - [[ -z "$type" || "$type" = "php" ]] && is_boolean_yes "$move_htaccess" && apache_replace_htaccess_files "$app" --document-root "$document_root" - if [[ -z "$type" || "$type" = "php" ]] && [[ -f "${APACHE_HTACCESS_DIR}/${app}-htaccess.conf" ]]; then - allow_override="None" - htaccess_include="Include \"${APACHE_HTACCESS_DIR}/${app}-htaccess.conf\"" - else - # allow_override is already set to the expected value - htaccess_include="" - fi - # ACL configuration - export acl_configuration - if is_boolean_yes "$allow_remote_connections"; then - acl_configuration="Require all granted" - else - acl_configuration="$(cat < "$prefix_file" - ensure_apache_configuration_exists "Include \"$prefix_file\"" - elif [[ ! -f "$prefix_file" ]]; then - error "Could not create web server configuration file for ${app} at '${prefix_file}'. Check permissions and ownership for parent directories." - return 1 - else - warn "The ${app} web server configuration file '${prefix_file}' is not writable. Configurations based on environment variables will not be applied for this file." - fi -} - -######################## -# Ensure Apache application configuration is updated with the runtime configuration (i.e. ports) -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_update_app_configuration() { - local -r app="${1:?missing app}" - # Default options - local -a hosts=("127.0.0.1" "_default_") - local server_name="www.example.com" # Default ServerName in httpd.conf - local -a server_aliases=() - local enable_http="no" - local enable_https="no" - local disable_http="no" - local disable_https="no" - export default_http_port="${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}" - export default_https_port="${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}" - export http_port="$default_http_port" - export https_port="$default_https_port" - local var_name - # Validate arguments - local var_name - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --hosts \ - | --server-aliases) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - read -r -a "${var_name?}" <<< "$1" - ;; - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - declare "${var_name}=yes" - ;; - --server-name \ - | --http-port \ - | --https-port \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "${var_name}=${1}" - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Construct host string in the format of "host1:port1[ host2:port2[ ...]]" - export http_listen_addresses="" - export https_listen_addresses="" - for host in "${hosts[@]}"; do - http_listen="${host}:${http_port}" - https_listen="${host}:${https_port}" - [[ -z "${http_listen_addresses:-}" ]] && http_listen_addresses="$http_listen" || http_listen_addresses="${http_listen_addresses} ${http_listen}" - [[ -z "${https_listen_addresses:-}" ]] && https_listen_addresses="$https_listen" || https_listen_addresses="${https_listen_addresses} ${https_listen}" - done - # Update configuration - local -r http_vhost="${APACHE_VHOSTS_DIR}/${app}-vhost.conf" - local -r https_vhost="${APACHE_VHOSTS_DIR}/${app}-https-vhost.conf" - local -r disable_suffix=".disabled" - # Helper function to avoid duplicating code - update_common_vhost_config() { - local -r vhost_file="${1:?missing virtual host}" - # Update ServerName - if ! is_empty_value "${server_name:-}"; then - replace_in_file "$vhost_file" "^(\s*ServerName\s+).*" "\1${server_name}" - fi - # Update ServerAlias - if [[ "${#server_aliases[@]}" -gt 0 ]]; then - replace_in_file "$vhost_file" "^(\s*ServerAlias\s+).*" "\1${server_aliases[*]}" - fi - } - # Disable and enable configuration files - rename_conf_file() { - local -r origin="$1" - local -r destination="$2" - if is_file_writable "$origin" && is_file_writable "$destination"; then - warn "Could not rename virtual host file '${origin}' to '${destination}' due to lack of permissions." - else - mv "$origin" "$destination" - fi - } - is_boolean_yes "$disable_http" && [[ -e "$http_vhost" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$disable_https" && [[ -e "$https_vhost" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - is_boolean_yes "$enable_http" && [[ -e "${http_vhost}${disable_suffix}" ]] && rename_conf_file "${http_vhost}${disable_suffix}" "$http_vhost" - is_boolean_yes "$enable_https" && [[ -e "${https_vhost}${disable_suffix}" ]] && rename_conf_file "${https_vhost}${disable_suffix}" "$https_vhost" - # Update only configuration files without the '.disabled' suffix - if [[ -e "$http_vhost" ]]; then - if is_file_writable "$http_vhost"; then - update_common_vhost_config "$http_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$http_vhost" "^Listen .*" "Listen ${http_port}" - replace_in_file "$http_vhost" "^$" "" - else - warn "The ${app} virtual host file '${http_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi - if [[ -e "$https_vhost" ]]; then - if is_file_writable "$https_vhost"; then - update_common_vhost_config "$https_vhost" - # Update vhost-specific config (listen port and addresses) - replace_in_file "$https_vhost" "^Listen .*" "Listen ${https_port}" - replace_in_file "$https_vhost" "^$" "" - else - warn "The ${app} virtual host file '${https_vhost}' is not writable. Configurations based on environment variables will not be applied for this file." - fi - fi -} - -######################## -# Create a password file for basic authentication and restrict its permissions -# Globals: -# * -# Arguments: -# $1 - file -# $2 - username -# $3 - password -# Returns: -# true if the configuration was updated, false otherwise -######################## -apache_create_password_file() { - local -r file="${1:?missing file}" - local -r username="${2:?missing username}" - local -r password="${3:?missing password}" - - "${APACHE_BIN_DIR}/htpasswd" -bc "$file" "$username" "$password" - am_i_root && configure_permissions_ownership "$file" --file-mode "600" --user "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" -} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libmediawiki.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libmediawiki.sh deleted file mode 100644 index 5200a4c98d32..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libmediawiki.sh +++ /dev/null @@ -1,330 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MediaWiki library - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libpersistence.sh -. /opt/bitnami/scripts/libwebserver.sh - -# Load database library -if [[ -f /opt/bitnami/scripts/libmysqlclient.sh ]]; then - . /opt/bitnami/scripts/libmysqlclient.sh -elif [[ -f /opt/bitnami/scripts/libmysql.sh ]]; then - . /opt/bitnami/scripts/libmysql.sh -elif [[ -f /opt/bitnami/scripts/libmariadb.sh ]]; then - . /opt/bitnami/scripts/libmariadb.sh -fi - -######################## -# Validate settings in MEDIAWIKI_* env vars -# Globals: -# MEDIAWIKI_* -# Arguments: -# None -# Returns: -# 0 if the validation succeeded, 1 otherwise -######################### -mediawiki_validate() { - debug "Validating settings in MEDIAWIKI_* environment variables..." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}" && ! is_true_false_value "${!1}"; then - print_validation_error "The allowed values for ${1} are: yes no" - fi - } - check_valid_port() { - local port_var="${1:?missing port variable}" - local err - if ! err="$(validate_port "${!port_var}")"; then - print_validation_error "An invalid port was specified in the environment variable ${port_var}: ${err}." - fi - } - - # Validate credentials - if is_boolean_yes "$ALLOW_EMPTY_PASSWORD"; then - warn "You set the environment variable ALLOW_EMPTY_PASSWORD=${ALLOW_EMPTY_PASSWORD}. For safety reasons, do not use this flag in a production environment." - else - for empty_env_var in "MEDIAWIKI_DATABASE_PASSWORD" "MEDIAWIKI_PASSWORD"; do - is_empty_value "${!empty_env_var}" && print_validation_error "The ${empty_env_var} environment variable is empty or not set. Set the environment variable ALLOW_EMPTY_PASSWORD=yes to allow a blank password. This is only recommended for development environments." - done - fi - - # Validate SMTP credentials - if ! is_empty_value "$MEDIAWIKI_SMTP_HOST"; then - for empty_env_var in "MEDIAWIKI_SMTP_USER" "MEDIAWIKI_SMTP_PASSWORD"; do - is_empty_value "${!empty_env_var}" && warn "The ${empty_env_var} environment variable is empty or not set." - done - check_yes_no_value "MEDIAWIKI_ENABLE_SMTP_AUTH" - is_empty_value "$MEDIAWIKI_SMTP_PORT_NUMBER" && print_validation_error "The MEDIAWIKI_SMTP_PORT_NUMBER environment variable is empty or not set." - ! is_empty_value "$MEDIAWIKI_SMTP_PORT_NUMBER" && check_valid_port "MEDIAWIKI_SMTP_PORT_NUMBER" - fi - - # Check that the web server is properly set up - web_server_validate || print_validation_error "Web server validation failed" - - return "$error_code" -} - -######################## -# Ensure MediaWiki is initialized -# Globals: -# MEDIAWIKI_* -# Arguments: -# None -# Returns: -# None -######################### -mediawiki_initialize() { - # Check if mediawiki has already been initialized and persisted in a previous run - local -r app_name="mediawiki" - local db_host db_port db_name db_user db_pass - if ! is_app_initialized "$app_name"; then - # Ensure the MediaWiki base directory exists and has proper permissions - info "Configuring file permissions for MediaWiki" - ensure_dir_exists "$MEDIAWIKI_VOLUME_DIR" - # Use daemon:root ownership for compatibility when running as a non-root user - am_i_root && configure_permissions_ownership "$MEDIAWIKI_VOLUME_DIR" -d "775" -f "664" -u "$WEB_SERVER_DAEMON_USER" -g "root" - - db_host="$MEDIAWIKI_DATABASE_HOST" - db_port="$MEDIAWIKI_DATABASE_PORT_NUMBER" - db_name="$MEDIAWIKI_DATABASE_NAME" - db_user="$MEDIAWIKI_DATABASE_USER" - db_pass="$MEDIAWIKI_DATABASE_PASSWORD" - info "Trying to connect to the database server" - mediawiki_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - - # Perform initial bootstrap of the database - if ! is_boolean_yes "$MEDIAWIKI_SKIP_BOOTSTRAP"; then - info "Running MediaWiki install script" - debug_execute php "${MEDIAWIKI_BASE_DIR}/maintenance/install.php" "$MEDIAWIKI_WIKI_NAME" "$MEDIAWIKI_USERNAME" \ - --pass "$MEDIAWIKI_PASSWORD" \ - --dbserver "$db_host" \ - --dbport "$db_port" \ - --dbuser "$db_user" \ - --dbpass "$db_pass" \ - --installdbuser "$db_user" \ - --installdbpass "$db_pass" \ - --dbname "$db_name" - # Configure admin e-mail as it is not handled by the installation command - echo "UPDATE user SET user_email='${MEDIAWIKI_EMAIL}' WHERE user_id='1'" | mediawiki_sql_execute - else - info "An already initialized MediaWiki database was provided, configuration will be skipped" - # Perform MediaWiki database schema upgrade - debug_execute php "${MEDIAWIKI_BASE_DIR}/maintenance/update.php" - fi - - # Configure MediaWiki based on environment variables - info "Configuring MediaWiki settings" - mediawiki_configure_short_urls - mediawiki_conf_set "\$wgEnableUploads" "true" yes - which convert >/dev/null && mediawiki_conf_set "\$wgUseImageMagick" "true" yes - mediawiki_configure_host "$MEDIAWIKI_HOST" - mediawiki_conf_set "\$wgEmergencyContact" "$MEDIAWIKI_EMAIL" - mediawiki_conf_set "\$wgPasswordSender" "$MEDIAWIKI_EMAIL" - mediawiki_configure_smtp - - info "Persisting MediaWiki installation" - persist_app "$app_name" "$MEDIAWIKI_DATA_TO_PERSIST" - else - info "Restoring persisted MediaWiki installation" - restore_persisted_app "$app_name" "$MEDIAWIKI_DATA_TO_PERSIST" - info "Trying to connect to the database server" - db_host="$(mediawiki_conf_get "\$wgDBserver")" - db_name="$(mediawiki_conf_get "\$wgDBname")" - db_user="$(mediawiki_conf_get "\$wgDBuser")" - db_pass="$(mediawiki_conf_get "\$wgDBpassword")" - # The port number option is only supported for PostgreSQL, so rely on environment variables instead - db_port="$MEDIAWIKI_DATABASE_PORT_NUMBER" - mediawiki_wait_for_db_connection "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - # Perform MediaWiki database schema upgrade - debug_execute php "${MEDIAWIKI_BASE_DIR}/maintenance/update.php" - fi - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Add or modify an entry in the MediaWiki configuration file (config.inc.php) -# Globals: -# MEDIAWIKI_* -# Arguments: -# $1 - PHP variable name -# $2 - Value to assign to the PHP variable -# $3 - Whether the value is a literal, or if instead it should be quoted (default: no) -# Returns: -# None -######################### -mediawiki_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:-}" - local -r is_literal="${3:-no}" - debug "Setting ${key} to '${value}' in MediaWiki configuration (literal: ${is_literal})" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(//\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=.*" - local entry - is_boolean_yes "$is_literal" && entry="${key} = $value;" || entry="${key} = '$value';" - # Check if the configuration exists in the file - if grep -q -E "$sanitized_pattern" "$MEDIAWIKI_CONF_FILE"; then - # It exists, so replace the line - replace_in_file "$MEDIAWIKI_CONF_FILE" "$sanitized_pattern" "$entry" - else - # The MediaWiki configuration file includes all supported keys, but because of its format, - # we cannot append contents to the end. We can assume thi - warn "Could not set the MediaWiki '${key}' configuration. Check that the file has not been modified externally." - fi -} - -######################## -# Get an entry from the MediaWiki configuration file (config.inc.php) -# Globals: -# MEDIAWIKI_* -# Arguments: -# $1 - PHP variable name -# Returns: -# None -######################### -mediawiki_conf_get() { - local -r key="${1:?key missing}" - debug "Getting ${key} from MediaWiki configuration" - # Sanitize key (sed does not support fixed string substitutions) - local sanitized_pattern - sanitized_pattern="^\s*(//\s*)?$(sed 's/[]\[^$.*/]/\\&/g' <<< "$key")\s*=([^;]+);" - debug "$sanitized_pattern" - grep -E "$sanitized_pattern" "$MEDIAWIKI_CONF_FILE" | sed -E "s|${sanitized_pattern}|\\2|" | tr -d "\"' " -} - -######################## -# Execute an SQL command with MediaWiki's database credentials -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the command was executed properly, false otherwise -######################### -mediawiki_sql_execute() { - local -a args=( - "$MEDIAWIKI_DATABASE_HOST" - "$MEDIAWIKI_DATABASE_PORT_NUMBER" - "$MEDIAWIKI_DATABASE_NAME" - "$MEDIAWIKI_DATABASE_USER" - "$MEDIAWIKI_DATABASE_PASSWORD" - ) - mysql_remote_execute "${args[@]}" -} - -######################## -# Wait until the database is accessible with the currently-known credentials -# Globals: -# * -# Arguments: -# $1 - database host -# $2 - database port -# $3 - database name -# $4 - database username -# $5 - database user password (optional) -# Returns: -# true if the database connection succeeded, false otherwise -######################### -mediawiki_wait_for_db_connection() { - local -r db_host="${1:?missing database host}" - local -r db_port="${2:?missing database port}" - local -r db_name="${3:?missing database name}" - local -r db_user="${4:?missing database user}" - local -r db_pass="${5:-}" - check_mysql_connection() { - echo "SELECT 1" | mysql_remote_execute "$db_host" "$db_port" "$db_name" "$db_user" "$db_pass" - } - if ! retry_while "check_mysql_connection"; then - error "Could not connect to the database" - return 1 - fi -} - -######################## -# Configure MediaWiki SMTP credentials -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -mediawiki_configure_smtp() { - is_empty_value "$MEDIAWIKI_SMTP_HOST" && return - info "Setting SMTP credentials" - cat >>"$MEDIAWIKI_CONF_FILE" < '${MEDIAWIKI_SMTP_HOST}', -'IDHost' => '${MEDIAWIKI_SMTP_HOST_ID}', -'port' => ${MEDIAWIKI_SMTP_PORT_NUMBER}, -'username' => '${MEDIAWIKI_SMTP_USER}', -'password' => '${MEDIAWIKI_SMTP_PASSWORD}', -'auth' => $(php_convert_to_boolean "$MEDIAWIKI_ENABLE_SMTP_AUTH") -); -EOF -} - -######################## -# Configure MediaWiki short URLs -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -mediawiki_configure_short_urls() { - info "Setting MediaWiki short URLs" - mediawiki_conf_set "\$wgScriptPath" "" - cat >>"$MEDIAWIKI_CONF_FILE" <"$wrapper_file" <> "$custom_conf_file" - cat "$old_custom_conf_file" >> "$custom_conf_file" - fi - if am_i_root; then - [[ -e "$DB_VOLUME_DIR/.initialized" ]] && rm "$DB_VOLUME_DIR/.initialized" - rm -rf "$DB_VOLUME_DIR/conf" - else - warn "Old custom configuration migrated, please manually remove the 'conf' directory from the volume use to persist data" - fi -} - -######################## -# Ensure a db user exists with the given password for the '%' host -# Globals: -# DB_* -# Flags: -# -p|--password - database password -# -u|--user - database user -# --auth-plugin - authentication plugin -# --use-ldap - authenticate user via LDAP -# --host - database host -# --port - database host -# Arguments: -# $1 - database user -# Returns: -# None -######################### -mysql_ensure_user_exists() { - local -r user="${1:?user is required}" - local password="" - local auth_plugin="" - local use_ldap="no" - local hosts - local auth_string="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -p|--password) - shift - password="${1:?missing database password}" - ;; - --auth-plugin) - shift - auth_plugin="${1:?missing authentication plugin}" - ;; - --use-ldap) - use_ldap="yes" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if is_boolean_yes "$use_ldap"; then - auth_string="identified via pam using '$DB_FLAVOR'" - elif [[ -n "$password" ]]; then - if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by '$password'" - else - auth_string="identified by '$password'" - fi - fi - debug "creating database user \'$user\'" - - local -a mysql_execute_cmd=("mysql_execute") - local -a mysql_execute_print_output_cmd=("mysql_execute_print_output") - if [[ -n "$db_host" && -n "$db_port" ]]; then - mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - mysql_execute_print_output_cmd=("mysql_remote_execute_print_output" "$db_host" "$db_port") - fi - - local mysql_create_user_cmd - [[ "$DB_FLAVOR" = "mariadb" ]] && mysql_create_user_cmd="create or replace user" || mysql_create_user_cmd="create user if not exists" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <=10.4, the mysql.user table was replaced with a view: https://mariadb.com/kb/en/mysqluser-table/ - # Views have a definer user, in this case set to 'root', which needs to exist for the view to work - # In MySQL, to avoid issues when renaming the root user, they use the 'mysql.sys' user as a definer: https://dev.mysql.com/doc/refman/5.7/en/sys-schema.html - # However, for MariaDB that is not the case, so when the 'root' user is renamed the 'mysql.user' table stops working and the view needs to be fixed - if [[ "$user" != "root" && ! "$(mysql_get_version)" =~ ^10.[0123]. ]]; then - alter_view_str="$(mysql_execute_print_output "mysql" "$user" "$password" "-s" <&2 - return 1 - ;; - esac - shift - done - - local -a mysql_execute_cmd=("mysql_execute") - [[ -n "$db_host" && -n "$db_port" ]] && mysql_execute_cmd=("mysql_remote_execute" "$db_host" "$db_port") - - local -a create_database_args=() - [[ -n "$character_set" ]] && create_database_args+=("character set = '${character_set}'") - [[ -n "$collate" ]] && create_database_args+=("collate = '${collate}'") - - debug "Creating database $database" - "${mysql_execute_cmd[@]}" "mysql" "$DB_ROOT_USER" "$DB_ROOT_PASSWORD" <&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$user") - [[ -n "$db_host" ]] && flags+=("--host" "${db_host}") - [[ -n "$db_port" ]] && flags+=("--port" "${db_port}") - if is_boolean_yes "$use_ldap"; then - flags+=("--use-ldap") - elif [[ -n "$password" ]]; then - flags+=("-p" "$password") - [[ -n "$auth_plugin" ]] && flags=("${flags[@]}" "--auth-plugin" "$auth_plugin") - fi - mysql_ensure_user_exists "${flags[@]}" -} - -######################## -# Optionally create the given database, and then optionally give a user -# full privileges on the database. -# Flags: -# -u|--user - database user -# --character-set - character set -# --collation - collation -# --host - database host -# --port - database port -# Arguments: -# $1 - database name -# Returns: -# None -######################### -mysql_ensure_optional_database_exists() { - local -r database="${1:?database is missing}" - local character_set="" - local collate="" - local user="" - local privileges="" - # For accessing an external database - local db_host="" - local db_port="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - --character-set) - shift - character_set="${1:?missing character set}" - ;; - --collate) - shift - collate="${1:?missing collate}" - ;; - -u|--user) - shift - user="${1:?missing database user}" - ;; - --host) - shift - db_host="${1:?missing database host}" - ;; - --port) - shift - db_port="${1:?missing database port}" - ;; - --privileges) - shift - privileges="${1:?missing privileges}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - local -a flags=("$database") - [[ -n "$character_set" ]] && flags+=("--character-set" "$character_set") - [[ -n "$collate" ]] && flags+=("--collate" "$collate") - [[ -n "$db_host" ]] && flags+=("--host" "$db_host") - [[ -n "$db_port" ]] && flags+=("--port" "$db_port") - mysql_ensure_database_exists "${flags[@]}" - - if [[ -n "$user" ]]; then - mysql_ensure_user_has_database_privileges "$user" "$database" "$privileges" "$db_host" "$db_port" - fi -} - -######################## -# Add or modify an entry in the MySQL configuration file ("$DB_CONF_FILE") -# Globals: -# DB_* -# Arguments: -# $1 - MySQL variable name -# $2 - Value to assign to the MySQL variable -# $3 - Section in the MySQL configuration file the key is located (default: mysqld) -# $4 - Configuration file (default: "$BD_CONF_FILE") -# Returns: -# None -######################### -mysql_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - read -r -a sections <<<"${3:-mysqld}" - local -r ignore_inline_comments="${4:-no}" - local -r file="${5:-"$DB_CONF_FILE"}" - info "Setting ${key} option" - debug "Setting ${key} to '${value}' in ${DB_FLAVOR} configuration file ${file}" - # Check if the configuration exists in the file - for section in "${sections[@]}"; do - if is_boolean_yes "$ignore_inline_comments"; then - ini-file set --ignore-inline-comments --section "$section" --key "$key" --value "$value" "$file" - else - ini-file set --section "$section" --key "$key" --value "$value" "$file" - fi - done -} - -######################## -# Update MySQL/MariaDB configuration file with user custom inputs -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# None -######################### -mysql_update_custom_config() { - # Persisted configuration files from old versions - ! is_dir_empty "$DB_VOLUME_DIR" && [[ -d "$DB_VOLUME_DIR/conf" ]] && mysql_migrate_old_configuration - - # User injected custom configuration - if [[ -f "$DB_CONF_DIR/my_custom.cnf" ]]; then - debug "Injecting custom configuration from my_custom.conf" - cat "$DB_CONF_DIR/my_custom.cnf" > "$DB_CONF_DIR/bitnami/my_custom.cnf" - fi - - ! is_empty_value "$DB_USER" && mysql_conf_set "user" "$DB_USER" "mysqladmin" - ! is_empty_value "$DB_PORT_NUMBER" && mysql_conf_set "port" "$DB_PORT_NUMBER" "mysqld client manager" - ! is_empty_value "$DB_CHARACTER_SET" && mysql_conf_set "character_set_server" "$DB_CHARACTER_SET" - ! is_empty_value "$DB_COLLATE" && mysql_conf_set "collation_server" "$DB_COLLATE" - ! is_empty_value "$DB_BIND_ADDRESS" && mysql_conf_set "bind_address" "$DB_BIND_ADDRESS" - ! is_empty_value "$DB_AUTHENTICATION_PLUGIN" && mysql_conf_set "default_authentication_plugin" "$DB_AUTHENTICATION_PLUGIN" - ! is_empty_value "$DB_SQL_MODE" && mysql_conf_set "sql_mode" "$DB_SQL_MODE" - ! is_empty_value "$DB_ENABLE_SLOW_QUERY" && mysql_conf_set "slow_query_log" "$DB_ENABLE_SLOW_QUERY" - ! is_empty_value "$DB_LONG_QUERY_TIME" && mysql_conf_set "long_query_time" "$DB_LONG_QUERY_TIME" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Find the path to the libjemalloc library file -# Globals: -# None -# Arguments: -# None -# Returns: -# Path to a libjemalloc shared object file -######################### -find_jemalloc_lib() { - local -a locations=( "/usr/lib" "/usr/lib64" ) - local -r pattern='libjemalloc.so.[0-9]' - local path - for dir in "${locations[@]}"; do - # Find the first element matching the pattern and quit - [[ ! -d "$dir" ]] && continue - path="$(find "$dir" -name "$pattern" -print -quit)" - [[ -n "$path" ]] && break - done - echo "${path:-}" -} - -######################## -# Execute a reliable health check against the current mysql instance -# Globals: -# DB_ROOT_PASSWORD, DB_MASTER_ROOT_PASSWORD -# Arguments: -# None -# Returns: -# mysqladmin output -######################### -mysql_healthcheck() { - local args=("-uroot" "-h0.0.0.0") - local root_password - - root_password="$(get_master_env_var_value ROOT_PASSWORD)" - if [[ -n "$root_password" ]]; then - args+=("-p${root_password}") - fi - - mysqladmin "${args[@]}" ping && mysqladmin "${args[@]}" status -} - -######################## -# Prints flavor of 'mysql' client (useful to determine proper CLI flags that can be used) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# mysql client flavor -######################### -mysql_client_flavor() { - if "${DB_BIN_DIR}/mysql" "--version" 2>&1 | grep -q MariaDB; then - echo "mariadb" - else - echo "mysql" - fi -} - -######################## -# Prints extra options for MySQL client calls (i.e. SSL options) -# Globals: -# DB_* -# Arguments: -# None -# Returns: -# List of options to pass to "mysql" CLI -######################### -mysql_client_extra_opts() { - # Helper to get the proper value for the MySQL client environment variable - mysql_client_env_value() { - local env_name="MYSQL_CLIENT_${1:?missing name}" - if [[ -n "${!env_name:-}" ]]; then - echo "${!env_name:-}" - else - env_name="DB_CLIENT_${1}" - echo "${!env_name:-}" - fi - } - local -a opts=() - local key value - if is_boolean_yes "${DB_ENABLE_SSL:-no}"; then - if [[ "$(mysql_client_flavor)" = "mysql" ]]; then - opts+=("--ssl-mode=REQUIRED") - else - opts+=("--ssl=TRUE") - fi - # Add "--ssl-ca", "--ssl-key" and "--ssl-cert" options if the env vars are defined - for key in ca key cert; do - value="$(mysql_client_env_value "SSL_${key^^}_FILE")" - [[ -n "${value}" ]] && opts+=("--ssl-${key}=${value}") - done - fi - echo "${opts[@]:-}" -} diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libphp.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libphp.sh deleted file mode 100644 index a107519847f5..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/libphp.sh +++ /dev/null @@ -1,260 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami PHP library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libfile.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libwebserver.sh - -######################## -# Add or modify an entry in the main PHP configuration file (php.ini) -# Globals: -# PHP_CONF_FILE -# Arguments: -# $1 - Key -# $2 - Value -# $3 - File to modify (default: $PHP_CONF_FILE) -# Returns: -# None -######################### -php_conf_set() { - local -r key="${1:?key missing}" - local -r value="${2:?value missing}" - local -r file="${3:-"$PHP_CONF_FILE"}" - local pattern="^[; ]*${key}\s*=.*$" - if [[ "$key" = "extension" || "$key" = "zend_extension" ]]; then - # The "extension" property works a bit different for PHP, as there is one per module to be included, meaning it is additive unlike other configurations - # Because of that, we first check if the extension was defined in the file to replace the proper entry - pattern="^[; ]*${key}\s*=\s*[\"]?${value}(\.so)?[\"]?\s*$" - fi - local -r entry="${key} = ${value}" - if is_file_writable "$file"; then - # Not using the ini-file tool since it does not play well with php.ini - if grep -q -E "$pattern" "$file"; then - replace_in_file "$file" "$pattern" "$entry" - else - cat >> "$file" <<< "$entry" - fi - else - warn "The PHP configuration file '${file}' is not writable. The '${key}' option will not be configured." - fi -} - -######################## -# Ensure PHP is initialized -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_initialize() { - # Configure PHP options based on the runtime environment - info "Configuring PHP options" - php_set_runtime_config "$PHP_CONF_FILE" - - # PHP-FPM configuration - ! is_empty_value "$PHP_FPM_LISTEN_ADDRESS" && info "Setting PHP-FPM listen option" && php_conf_set "listen" "$PHP_FPM_LISTEN_ADDRESS" "${PHP_CONF_DIR}/php-fpm.d/www.conf" - - # Avoid exit code of previous commands to affect the result of this function - true -} - -######################## -# Set PHP runtime options, based on user-provided environment variables -# Globals: -# PHP_* -# Arguments: -# None -# Returns: -# None -######################### -php_set_runtime_config() { - local -r conf_file="${1:?missing conf file}" - - ! is_empty_value "$PHP_DATE_TIMEZONE" && info "Setting PHP date.timezone option" && php_conf_set date.timezone "$PHP_DATE_TIMEZONE" "$conf_file" - ! is_empty_value "$PHP_ENABLE_OPCACHE" && info "Setting PHP opcache.enable option" && php_conf_set opcache.enable "$PHP_ENABLE_OPCACHE" "$conf_file" - ! is_empty_value "$PHP_EXPOSE_PHP" && info "Setting PHP expose_php option" && php_conf_set expose_php "$PHP_EXPOSE_PHP" "$conf_file" - ! is_empty_value "$PHP_MAX_EXECUTION_TIME" && info "Setting PHP max_execution_time option" && php_conf_set max_execution_time "$PHP_MAX_EXECUTION_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_TIME" && info "Setting PHP max_input_time option" && php_conf_set max_input_time "$PHP_MAX_INPUT_TIME" "$conf_file" - ! is_empty_value "$PHP_MAX_INPUT_VARS" && info "Setting PHP max_input_vars option" && php_conf_set max_input_vars "$PHP_MAX_INPUT_VARS" "$conf_file" - ! is_empty_value "$PHP_MEMORY_LIMIT" && info "Setting PHP memory_limit option" && php_conf_set memory_limit "$PHP_MEMORY_LIMIT" "$conf_file" - ! is_empty_value "$PHP_POST_MAX_SIZE" && info "Setting PHP post_max_size option" && php_conf_set post_max_size "$PHP_POST_MAX_SIZE" "$conf_file" - ! is_empty_value "$PHP_UPLOAD_MAX_FILESIZE" && info "Setting PHP upload_max_filesize option" && php_conf_set upload_max_filesize "$PHP_UPLOAD_MAX_FILESIZE" "$conf_file" - ! is_empty_value "$PHP_OUTPUT_BUFFERING" && info "Setting PHP output_buffering option" && php_conf_set output_buffering "$PHP_OUTPUT_BUFFERING" "$conf_file" - - true -} - -######################## -# Convert a yes/no value to a PHP boolean -# Globals: -# None -# Arguments: -# $1 - yes/no value -# Returns: -# None -######################### -php_convert_to_boolean() { - local -r value="${1:?missing value}" - is_boolean_yes "$value" && echo "true" || echo "false" -} - -######################## -# Execute/run PHP code and print to stdout -# Globals: -# None -# Stdin: -# Code to execute -# Arguments: -# $1..$n - Input arguments to script -# Returns: -# None -######################### -php_execute_print_output() { - local php_cmd - # Obtain the command specified via stdin - php_cmd="$(/dev/null 2>&1 & - if ! retry_while "is_php_fpm_running"; then - error "php-fpm did not start" - error_code=1 - else - info "php-fpm started" - fi -else - info "php-fpm is already running" -fi - -exit "$error_code" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/status.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/status.sh deleted file mode 100755 index fcb71cf40410..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/status.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -if is_php_fpm_running; then - info "php-fpm is already running" -else - info "php-fpm is not running" -fi diff --git a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh b/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh deleted file mode 100755 index 153f256030eb..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/opt/bitnami/scripts/php/stop.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libphp.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh - -# Load PHP-FPM environment variables -. /opt/bitnami/scripts/php-env.sh - -error_code=0 - -if is_php_fpm_running; then - BITNAMI_QUIET=1 php_fpm_stop - if ! retry_while "is_php_fpm_not_running"; then - error "php-fpm could not be stopped" - error_code=1 - else - info "php-fpm stopped" - fi -else - info "php-fpm is not running" -fi - -exit "$error_code" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/php.sh b/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/php.sh deleted file mode 100755 index 75fbeb8b58bc..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/php.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom PHP init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".php" ]] && continue - info "Executing ${custom_init_script} with PHP interpreter" - php "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/shell.sh b/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/shell.sh deleted file mode 100755 index 15ec2defbee7..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/shell.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom Bash init scripts - -# shellcheck disable=SC1090,SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ "$custom_init_script" != *".sh" ]] && continue - if [[ -x "$custom_init_script" ]]; then - info "Executing ${custom_init_script}" - "$custom_init_script" || failure="1" - else - info "Sourcing ${custom_init_script} as it is not executable by the current user, any error may cause initialization to fail" - . "$custom_init_script" - fi - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/sql-mysql.sh b/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/sql-mysql.sh deleted file mode 100755 index 3618812a8335..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/post-init.d/sql-mysql.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Executes custom MySQL (.sql or .sql.gz) init scripts - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries with logging functions -if [[ -f /opt/bitnami/base/functions ]]; then - . /opt/bitnami/base/functions -else - . /opt/bitnami/scripts/liblog.sh -fi - -mysql_execute() { - local -r sql_file="${1:?missing file}" - local failure=0 - mysql_cmd=("mysql" "-h" "$MARIADB_HOST" "-P" "$MARIADB_PORT_NUMBER" "-u" "$MARIADB_ROOT_USER") - if [[ "${ALLOW_EMPTY_PASSWORD:-no}" != "yes" ]]; then - mysql_cmd+=("-p${MARIADB_ROOT_PASSWORD}") - fi - if [[ "$sql_file" == *".sql" ]]; then - "${mysql_cmd[@]}" < "$sql_file" || failure=$? - elif [[ "$sql_file" == *".sql.gz" ]]; then - gunzip -c "$sql_file" | "${mysql_cmd[@]}" || failure=$? - fi - return "$failure" -} - -# Loop through all input files passed via stdin -read -r -a custom_init_scripts <<< "$@" -failure=0 -if [[ "${#custom_init_scripts[@]}" -gt 0 ]]; then - for custom_init_script in "${custom_init_scripts[@]}"; do - [[ ! "$custom_init_script" =~ ^.*(\.sql|\.sql\.gz)$ ]] && continue - info "Executing ${custom_init_script}" - mysql_execute "$custom_init_script" || failure=1 - [[ "$failure" -ne 0 ]] && error "Failed to execute ${custom_init_script}" - done -fi - -exit "$failure" diff --git a/bitnami/mediawiki/1/debian-11/rootfs/post-init.sh b/bitnami/mediawiki/1/debian-11/rootfs/post-init.sh deleted file mode 100755 index f4b01fd35bd9..000000000000 --- a/bitnami/mediawiki/1/debian-11/rootfs/post-init.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Only execute init scripts once -if [[ ! -f "/bitnami/mediawiki/.user_scripts_initialized" && -d "/docker-entrypoint-init.d" ]]; then - read -r -a init_scripts <<< "$(find "/docker-entrypoint-init.d" -type f -print0 | sort -z | xargs -0)" - if [[ "${#init_scripts[@]}" -gt 0 ]] && [[ ! -f "/bitnami/mediawiki/.user_scripts_initialized" ]]; then - mkdir -p "/bitnami/mediawiki" - for init_script in "${init_scripts[@]}"; do - for init_script_type_handler in /post-init.d/*.sh; do - "$init_script_type_handler" "$init_script" - done - done - fi - - touch "/bitnami/mediawiki/.user_scripts_initialized" -fi diff --git a/bitnami/mediawiki/1/debian-11/tags-info.yaml b/bitnami/mediawiki/1/debian-11/tags-info.yaml deleted file mode 100644 index 09cf9a1eb4e4..000000000000 --- a/bitnami/mediawiki/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.41.0 -- latest diff --git a/bitnami/memcached-exporter/0/debian-11/Dockerfile b/bitnami/memcached-exporter/0/debian-11/Dockerfile deleted file mode 100644 index 08ce381d3e7c..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T12:18:15Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.14.2-debian-11-r23" \ - org.opencontainers.image.title="memcached-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.14.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "memcached-exporter-0.14.2-4-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.14.2" \ - BITNAMI_APP_NAME="memcached-exporter" \ - PATH="/opt/bitnami/memcached-exporter/bin:$PATH" - -EXPOSE 9150 - -WORKDIR /opt/bitnami/memcached-exporter -USER 1001 -ENTRYPOINT [ "memcached_exporter" ] diff --git a/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 2617041f090e..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "memcached-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.14.2-4" - } -} \ No newline at end of file diff --git a/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/memcached-exporter/0/debian-11/tags-info.yaml b/bitnami/memcached-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index e308a3016a66..000000000000 --- a/bitnami/memcached-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.14.2 -- latest diff --git a/bitnami/memcached/1/debian-11/Dockerfile b/bitnami/memcached/1/debian-11/Dockerfile deleted file mode 100644 index 2ebcd3c66b49..000000000000 --- a/bitnami/memcached/1/debian-11/Dockerfile +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T12:19:05Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="1.6.23-debian-11-r21" \ - org.opencontainers.image.title="memcached" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="1.6.23" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libevent-2.1-7 libsasl2-2 libsasl2-modules libssl1.1 netcat-openbsd procps sasl2-bin -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "memcached-1.6.23-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/memcached/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/memcached/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/memcached/postunpack.sh -ENV APP_VERSION="1.6.23" \ - BITNAMI_APP_NAME="memcached" \ - PATH="/opt/bitnami/memcached/bin:$PATH" - -EXPOSE 11211 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/memcached/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/memcached/run.sh" ] diff --git a/bitnami/memcached/1/debian-11/docker-compose.yml b/bitnami/memcached/1/debian-11/docker-compose.yml deleted file mode 100644 index db19066887c6..000000000000 --- a/bitnami/memcached/1/debian-11/docker-compose.yml +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - memcached: - image: docker.io/bitnami/memcached:1 - ports: - - '11211:11211' diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index cbb972ac3329..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "memcached": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.6.23-1" - } -} \ No newline at end of file diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/memcached/1/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/libmemcached.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/libmemcached.sh deleted file mode 100644 index 93cc5dd4da15..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/libmemcached.sh +++ /dev/null @@ -1,177 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami Memcached library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Validate settings in MEMCACHED_* env vars -# Globals: -# MEMCACHED_PORT_NUMBER -# Arguments: -# None -# Returns: -# None -######################### -memcached_validate() { - local error_code=0 - debug "Validating settings in MEMCACHED_* env vars" - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - # Memcached port validation - local validate_port_args=() - validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "${MEMCACHED_PORT_NUMBER}"); then - print_validation_error "An invalid port was specified in the environment variable MEMCACHED_PORT_NUMBER: $err" - fi - - # Memcached Cache Size validation - if [[ -n "${MEMCACHED_CACHE_SIZE}" ]] && ! is_positive_int "${MEMCACHED_CACHE_SIZE}"; then - print_validation_error "The variable MEMCACHED_CACHE_SIZE must be positive integer" - fi - - # Memcached Max Connections validation - if [[ -n "${MEMCACHED_MAX_CONNECTIONS}" ]] && ! is_positive_int "${MEMCACHED_MAX_CONNECTIONS}"; then - print_validation_error "The variable MEMCACHED_MAX_CONNECTIONS must be positive integer" - fi - - # Memcached Threads validation - if [[ -n "${MEMCACHED_THREADS}" ]] && ! is_positive_int "${MEMCACHED_THREADS}"; then - print_validation_error "The variable MEMCACHED_THREADS must be positive integer" - fi - - # Memcached Item size validation - if [[ -n "${MEMCACHED_MAX_ITEM_SIZE}" ]] && ! is_positive_int "${MEMCACHED_MAX_ITEM_SIZE}"; then - print_validation_error "The variable MEMCACHED_MAX_ITEM_SIZE must be positive integer" - fi - - [[ "${error_code}" -eq 0 ]] || exit "$error_code" -} - -######################## -# Ensure Memcached is initialized -# Globals: -# MEMCACHED_USERNAME -# MEMCACHED_PASSWORD -# Arguments: -# None -# Returns: -# None -######################### -memcached_initialize() { - info "Initializing Memcached" - - if [[ ! -f "${SASL_CONF_FILE}" && -n "${MEMCACHED_PASSWORD}" ]]; then - info "Enabling authentication" - memcached_enable_authentication "${MEMCACHED_USERNAME}" "${MEMCACHED_PASSWORD}" - fi -} - -######################## -# Create SASL user -# Globals: -# SASL_DB_FILE -# Arguments: -# $1 - username -# $2 - password -# Returns: -# None -######################### -memcached_create_user() { - local user="${1:?user is required}" - local password="${2:?password is required}" - debug "Creating memcached user '${user}'" - echo "${password}" | saslpasswd2 -f "${SASL_DB_FILE}" -a "memcached" -c "${user}" -p - # The SASL database file is created with 0640 permissions and owned by the creation user - # In order to Memcached having write privileges over the file, only the group will be set - ! am_i_root || chgrp "${MEMCACHED_DAEMON_GROUP}" "${SASL_DB_FILE}" -} - -######################## -# Enable authentication for Memcached -# Globals: -# SASL_CONF_FILE -# SASL_DB_FILE -# Arguments: -# $1 - username -# $2 - password -# Returns: -# None -######################### -memcached_enable_authentication() { - local user="${1:?user is required}" - local password="${2:?password is required}" - - memcached_create_user "${user}" "${password}" - - debug "Generating config file '${SASL_CONF_FILE}'" - cat >"${SASL_CONF_FILE}" </dev/null - fi -} diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached-env.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached-env.sh deleted file mode 100644 index 5947443066e7..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached-env.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for memcached - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-memcached}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -memcached_env_vars=( - MEMCACHED_LISTEN_ADDRESS - MEMCACHED_PORT_NUMBER - MEMCACHED_USERNAME - MEMCACHED_PASSWORD - MEMCACHED_MAX_ITEM_SIZE - MEMCACHED_EXTRA_FLAGS - MEMCACHED_MAX_TIMEOUT - MEMCACHED_CACHE_SIZE - MEMCACHED_MAX_CONNECTIONS - MEMCACHED_THREADS -) -for env_var in "${memcached_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset memcached_env_vars - -# Paths -export MEMCACHED_BASE_DIR="${BITNAMI_ROOT_DIR}/memcached" -export MEMCACHED_CONF_DIR="${MEMCACHED_BASE_DIR}/conf" -export MEMCACHED_DEFAULT_CONF_DIR="${MEMCACHED_BASE_DIR}/conf.default" -export MEMCACHED_BIN_DIR="${MEMCACHED_BASE_DIR}/bin" -export PATH="${MEMCACHED_BIN_DIR}:${BITNAMI_ROOT_DIR}/common/bin:${PATH}" - -# SASL -export SASL_CONF_PATH="${MEMCACHED_CONF_DIR}/sasl2" -export SASL_CONF_FILE="${SASL_CONF_PATH}/memcached.conf" -export SASL_DB_FILE="${SASL_CONF_PATH}/memcachedsasldb" - -# System users (when running with a privileged user) -export MEMCACHED_DAEMON_USER="memcached" -export MEMCACHED_DAEMON_GROUP="memcached" - -# Memcached configuration -export MEMCACHED_LISTEN_ADDRESS="${MEMCACHED_LISTEN_ADDRESS:-}" -export MEMCACHED_PORT_NUMBER="${MEMCACHED_PORT_NUMBER:-11211}" -export MEMCACHED_USERNAME="${MEMCACHED_USERNAME:-root}" -export MEMCACHED_PASSWORD="${MEMCACHED_PASSWORD:-}" -export MEMCACHED_MAX_ITEM_SIZE="${MEMCACHED_MAX_ITEM_SIZE:-}" -export MEMCACHED_EXTRA_FLAGS="${MEMCACHED_EXTRA_FLAGS:-}" - -# Memcached optimizations -export MEMCACHED_MAX_TIMEOUT="${MEMCACHED_MAX_TIMEOUT:-5}" -export MEMCACHED_CACHE_SIZE="${MEMCACHED_CACHE_SIZE:-}" -export MEMCACHED_MAX_CONNECTIONS="${MEMCACHED_MAX_CONNECTIONS:-}" -export MEMCACHED_THREADS="${MEMCACHED_THREADS:-}" - -# Custom environment variables may be defined below diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/entrypoint.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/entrypoint.sh deleted file mode 100755 index 21d8750c20a2..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/entrypoint.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libmemcached.sh - -# Load Memcached environment variables -. /opt/bitnami/scripts/memcached-env.sh - -print_welcome_page - -# We add the copy from default config in the entrypoint to not break users -# bypassing the setup.sh logic. If the file already exists do not overwrite (in -# case someone mounts a configuration file in /opt/bitnami/memcached/conf) -debug "Copying files from $MEMCACHED_DEFAULT_CONF_DIR to $MEMCACHED_CONF_DIR" -cp -nfr "$MEMCACHED_DEFAULT_CONF_DIR"/. "$MEMCACHED_CONF_DIR" - -if [[ "$*" = *"/opt/bitnami/scripts/memcached/run.sh"* || "$*" = *"/run.sh"* ]]; then - info "** Starting Memcached setup **" - /opt/bitnami/scripts/memcached/setup.sh - info "** Memcached setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/postunpack.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/postunpack.sh deleted file mode 100755 index edbf0e04e4ca..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/postunpack.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libmemcached.sh -. /opt/bitnami/scripts/libfs.sh - -# Load Memcached environment variables -. /opt/bitnami/scripts/memcached-env.sh - -# Ensure directories used by Memcached exist and have proper ownership and permissions -for dir in "$MEMCACHED_CONF_DIR" "$SASL_CONF_PATH"; do - ensure_dir_exists "$dir" - chmod -R g+rwX "$dir" -done - -# Copy all initially generated configuration files to the default directory -# (this is to avoid breaking when entrypoint is being overridden) -cp -r "${MEMCACHED_CONF_DIR}/"* "$MEMCACHED_DEFAULT_CONF_DIR" \ No newline at end of file diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/run.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/run.sh deleted file mode 100755 index 91f27d5706a3..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/run.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmemcached.sh - -# Load Memcached environment variables -. /opt/bitnami/scripts/memcached-env.sh - -# Configure arguments with extra flags -args=("-u" "$MEMCACHED_DAEMON_USER" "-p" "$MEMCACHED_PORT_NUMBER" "-v") -[[ -n "$MEMCACHED_LISTEN_ADDRESS" ]] && args+=("-l" "$MEMCACHED_LISTEN_ADDRESS") -# SASL -[[ -f "$SASL_DB_FILE" ]] && args+=("-S") -# Memory configuration -[[ -n "$MEMCACHED_CACHE_SIZE" ]] && args+=("-m" "$MEMCACHED_CACHE_SIZE") -[[ -n "$MEMCACHED_MAX_CONNECTIONS" ]] && args+=("-c" "$MEMCACHED_MAX_CONNECTIONS") -[[ -n "$MEMCACHED_THREADS" ]] && args+=("-t" "$MEMCACHED_THREADS") -[[ -n "$MEMCACHED_MAX_ITEM_SIZE" ]] && args+=("-I" "$MEMCACHED_MAX_ITEM_SIZE") -# Extra flags -read -r -a extra_flags <<<"$MEMCACHED_EXTRA_FLAGS" -[[ "${#extra_flags[@]}" -gt 0 ]] && args+=("${extra_flags[@]}") -args+=("$@") - -info "** Starting Memcached **" -if am_i_root; then - exec_as_user "$MEMCACHED_DAEMON_USER" memcached "${args[@]}" -else - exec memcached "${args[@]}" -fi diff --git a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/setup.sh b/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/setup.sh deleted file mode 100755 index ae0a993f7601..000000000000 --- a/bitnami/memcached/1/debian-11/rootfs/opt/bitnami/scripts/memcached/setup.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -# set -o xtrace # Uncomment this line for debugging purposes - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libmemcached.sh - -# Load Memcached environment variables -. /opt/bitnami/scripts/memcached-env.sh - -# Ensure Memcached environment variables are valid -memcached_validate - -# Create Memcached system user and group -if am_i_root; then - info "Creating Memcached daemon user" - ensure_user_exists "$MEMCACHED_DAEMON_USER" --group "$MEMCACHED_DAEMON_GROUP" -fi - -# Ensure Memcached is initialized -memcached_initialize diff --git a/bitnami/memcached/1/debian-11/tags-info.yaml b/bitnami/memcached/1/debian-11/tags-info.yaml deleted file mode 100644 index 88968b6c583c..000000000000 --- a/bitnami/memcached/1/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "1" -- 1-debian-11 -- 1.6.23 -- latest diff --git a/bitnami/metallb-controller/0/debian-11/Dockerfile b/bitnami/metallb-controller/0/debian-11/Dockerfile deleted file mode 100644 index 0f78c976ef12..000000000000 --- a/bitnami/metallb-controller/0/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:40:25Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.14.3-debian-11-r19" \ - org.opencontainers.image.title="metallb-controller" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.14.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "metallb-0.14.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.14.3" \ - BITNAMI_APP_NAME="metallb-controller" \ - PATH="/opt/bitnami/metallb/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "controller" ] -CMD [ "--help" ] diff --git a/bitnami/metallb-controller/0/debian-11/docker-compose.yml b/bitnami/metallb-controller/0/debian-11/docker-compose.yml deleted file mode 100644 index c0b2ffd7a4ff..000000000000 --- a/bitnami/metallb-controller/0/debian-11/docker-compose.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' -services: - metallb: - image: docker.io/bitnami/metallb-controller:0 diff --git a/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 3bd0d115b706..000000000000 --- a/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "metallb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.14.3-1" - } -} \ No newline at end of file diff --git a/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/metallb-controller/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/metallb-controller/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/metallb-controller/0/debian-11/tags-info.yaml b/bitnami/metallb-controller/0/debian-11/tags-info.yaml deleted file mode 100644 index 074d6e9864f7..000000000000 --- a/bitnami/metallb-controller/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.14.3 -- latest diff --git a/bitnami/metallb-speaker/0/debian-11/Dockerfile b/bitnami/metallb-speaker/0/debian-11/Dockerfile deleted file mode 100644 index c452cad629ae..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/Dockerfile +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T17:09:42Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.14.3-debian-11-r20" \ - org.opencontainers.image.title="metallb-speaker" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.14.3" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "metallb-speaker-0.14.3-1-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -ENV APP_VERSION="0.14.3" \ - BITNAMI_APP_NAME="metallb-speaker" \ - PATH="/opt/bitnami/metallb-speaker/bin:$PATH" - -USER 1001 -ENTRYPOINT [ "speaker" ] -CMD [ "--help" ] diff --git a/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f3fd437e68d3..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "metallb-speaker": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.14.3-1" - } -} \ No newline at end of file diff --git a/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/metallb-speaker/0/debian-11/tags-info.yaml b/bitnami/metallb-speaker/0/debian-11/tags-info.yaml deleted file mode 100644 index 074d6e9864f7..000000000000 --- a/bitnami/metallb-speaker/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.14.3 -- latest diff --git a/bitnami/metrics-server/0/debian-11/Dockerfile b/bitnami/metrics-server/0/debian-11/Dockerfile deleted file mode 100644 index 60aaf82d749a..000000000000 --- a/bitnami/metrics-server/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:46:10Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.7.0-debian-11-r19" \ - org.opencontainers.image.title="metrics-server" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.7.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "metrics-server-0.7.0-2-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -RUN chown -R 1001:root /opt/bitnami/metrics-server && chmod -R g+rwX /opt/bitnami/metrics-server -ENV APP_VERSION="0.7.0" \ - BITNAMI_APP_NAME="metrics-server" \ - PATH="/opt/bitnami/metrics-server/bin:$PATH" - -EXPOSE 8443 - -WORKDIR /opt/bitnami/metrics-server -USER 1001 -ENTRYPOINT [ "metrics-server", "--secure-port=8443", "--cert-dir=/opt/bitnami/metrics-server/certificates" ] diff --git a/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 956ed6aff3e6..000000000000 --- a/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "metrics-server": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.7.0-2" - } -} \ No newline at end of file diff --git a/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/metrics-server/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/metrics-server/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/metrics-server/0/debian-11/tags-info.yaml b/bitnami/metrics-server/0/debian-11/tags-info.yaml deleted file mode 100644 index 34402fa8fc96..000000000000 --- a/bitnami/metrics-server/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.7.0 -- latest diff --git a/bitnami/milvus/2/debian-11/Dockerfile b/bitnami/milvus/2/debian-11/Dockerfile deleted file mode 100644 index 8a6aa2343015..000000000000 --- a/bitnami/milvus/2/debian-11/Dockerfile +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T05:52:33Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.3.9-debian-11-r0" \ - org.opencontainers.image.title="milvus" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.3.9" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libgcc-s1 libgomp1 libstdc++6 procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "milvus-2.3.9-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root milvus -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir -p /opt/bitnami/milvus/tmp && chmod g+rwX /opt/bitnami/milvus/tmp && ln -s /opt/bitnami/milvus/tmp /run/milvus && mkdir -p /bitnami/milvus/data && chmod g+rwX /bitnami/milvus/data && ln -s /bitnami/milvus/data /var/lib/milvus && ln -s /opt/bitnami/milvus /milvus - -ENV APP_VERSION="2.3.9" \ - BITNAMI_APP_NAME="milvus" \ - LD_LIBRARY_PATH="/opt/bitnami/milvus/lib:$LD_LIBRARY_PATH" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/milvus/bin:$PATH" - -WORKDIR /opt/bitnami/milvus -USER 1001 -ENTRYPOINT [ "/opt/bitnami/milvus/bin/milvus" ] diff --git a/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 7646392248bb..000000000000 --- a/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "milvus": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.3.9-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/milvus/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/milvus/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/milvus/2/debian-11/tags-info.yaml b/bitnami/milvus/2/debian-11/tags-info.yaml deleted file mode 100644 index 494a0503e9bd..000000000000 --- a/bitnami/milvus/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.3.9 -- latest diff --git a/bitnami/minio-client/2024/debian-11/Dockerfile b/bitnami/minio-client/2024/debian-11/Dockerfile deleted file mode 100644 index 5d5e7850b2e5..000000000000 --- a/bitnami/minio-client/2024/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-17T04:23:43Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2024.2.16-debian-11-r0" \ - org.opencontainers.image.title="minio-client" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2024.2.16" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "minio-client-2024.2.16-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/minio-client/postunpack.sh -ENV APP_VERSION="2024.2.16" \ - BITNAMI_APP_NAME="minio-client" \ - PATH="/opt/bitnami/minio-client/bin:$PATH" - -WORKDIR /opt/bitnami/minio-client -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/minio-client/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/minio-client/run.sh" ] diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index a94e2adedbeb..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "minio-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2024.2.16-0" - } -} \ No newline at end of file diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/minio-client/2024/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh deleted file mode 100644 index 571f6a4818f5..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh +++ /dev/null @@ -1,109 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MinIO Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Check if a bucket already exists -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -minio_client_bucket_exists() { - local -r bucket_name="${1:?bucket required}" - if minio_client_execute stat "${bucket_name}" >/dev/null 2>&1; then - true - else - false - fi -} - -######################## -# Execute an arbitrary MinIO client command -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $@ - Command to execute -# Returns: -# None -minio_client_execute() { - local -r args=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "--quiet" "$@") - local exec - exec=$(command -v mc) - - if am_i_root; then - run_as_user "$MINIO_DAEMON_USER" "${exec}" "${args[@]}" - else - "${exec}" "${args[@]}" - fi -} - -######################## -# Execute an arbitrary MinIO client command with a 2s timeout -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $@ - Command to execute -# Returns: -# None -minio_client_execute_timeout() { - local -r args=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "--quiet" "$@") - local exec - exec=$(command -v mc) - - if am_i_root; then - cat > /tmp/cmd.sh << EOF -#!/bin/bash -# timeout forks its own shell process, so we need to provide it with the expected environment -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/minio-env.sh -. /opt/bitnami/scripts/minio-client-env.sh -. /opt/bitnami/scripts/libminio.sh -. /opt/bitnami/scripts/libminioclient.sh -run_as_user "$MINIO_DAEMON_USER" "${exec}" ${args[@]} -EOF - chmod +x /tmp/cmd.sh - timeout 5s bash -c "/tmp/cmd.sh" - rm -f /tmp/cmd.sh - else - timeout 5s "${exec}" "${args[@]}" - fi -} - -######################## -# Configure MinIO Client to use a MinIO server -# Globals: -# MINIO_SERVER_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -minio_client_configure_server() { - if [[ -n "$MINIO_SERVER_HOST" ]] && [[ -n "$MINIO_SERVER_ROOT_USER" ]] && [[ -n "$MINIO_SERVER_ROOT_PASSWORD" ]]; then - info "Adding Minio host to 'mc' configuration..." - minio_client_execute config host add minio "${MINIO_SERVER_SCHEME}://${MINIO_SERVER_HOST}:${MINIO_SERVER_PORT_NUMBER}" "${MINIO_SERVER_ROOT_USER}" "${MINIO_SERVER_ROOT_PASSWORD}" - fi -} - -######################## -# Configure MinIO Client to use a local MinIO server -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -minio_client_configure_local() { - info "Adding local Minio host to 'mc' configuration..." - minio_client_execute config host add local "${MINIO_SERVER_SCHEME}://localhost:${MINIO_SERVER_PORT_NUMBER}" "${MINIO_SERVER_ROOT_USER}" "${MINIO_SERVER_ROOT_PASSWORD}" >/dev/null 2>&1 -} diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh deleted file mode 100644 index 0ae04116847a..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for minio-client - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-minio-client}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -minio_client_env_vars=( - MINIO_CLIENT_CONF_DIR - MINIO_SERVER_HOST - MINIO_SERVER_PORT_NUMBER - MINIO_SERVER_SCHEME - MINIO_SERVER_ROOT_USER - MINIO_SERVER_ROOT_PASSWORD - MINIO_CLIENT_ACCESS_KEY - MINIO_SERVER_ACCESS_KEY - MINIO_CLIENT_SECRET_KEY - MINIO_SERVER_SECRET_KEY -) -for env_var in "${minio_client_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset minio_client_env_vars - -# Paths -export MINIO_CLIENT_BASE_DIR="${BITNAMI_ROOT_DIR}/minio-client" -export MINIO_CLIENT_BIN_DIR="${MINIO_CLIENT_BASE_DIR}/bin" -export MINIO_CLIENT_CONF_DIR="${MINIO_CLIENT_CONF_DIR:-/.mc}" -export PATH="${MINIO_CLIENT_BIN_DIR}:${PATH}" - -# MinIO Client configuration -export MINIO_SERVER_HOST="${MINIO_SERVER_HOST:-}" -export MINIO_SERVER_PORT_NUMBER="${MINIO_SERVER_PORT_NUMBER:-9000}" -export MINIO_SERVER_SCHEME="${MINIO_SERVER_SCHEME:-http}" - -# MinIO Client security -MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-"${MINIO_CLIENT_ACCESS_KEY:-}"}" -MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-"${MINIO_SERVER_ACCESS_KEY:-}"}" -export MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-}" -MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-"${MINIO_CLIENT_SECRET_KEY:-}"}" -MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-"${MINIO_SERVER_SECRET_KEY:-}"}" -export MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-}" - -# System users (when running with a privileged user) -export MINIO_DAEMON_USER="minio" -export MINIO_DAEMON_GROUP="minio" - -# Custom environment variables may be defined below diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh deleted file mode 100755 index 675502bd2ddd..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/minio-client/run.sh"* ]]; then - info "** Starting MinIO Client setup **" - /opt/bitnami/scripts/minio-client/setup.sh - info "** MinIO Client setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh deleted file mode 100755 index 3b5d18050d14..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -for dir in "$MINIO_CLIENT_BASE_DIR" "$MINIO_CLIENT_CONF_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$MINIO_CLIENT_BASE_DIR" "$MINIO_CLIENT_CONF_DIR" diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh deleted file mode 100755 index 5622423ed951..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -# Constants -EXEC=$(command -v mc) -ARGS=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "$@") - -if am_i_root; then - exec_as_user "${MINIO_CLIENT_DAEMON_USER}" "${EXEC}" "${ARGS[@]}" -else - exec "${EXEC}" "${ARGS[@]}" -fi diff --git a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh b/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh deleted file mode 100755 index 914634e4dc62..000000000000 --- a/bitnami/minio-client/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -# Configure MinIO Client to use a MinIO server -minio_client_configure_server diff --git a/bitnami/minio-client/2024/debian-11/tags-info.yaml b/bitnami/minio-client/2024/debian-11/tags-info.yaml deleted file mode 100644 index c16bc80ce854..000000000000 --- a/bitnami/minio-client/2024/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2024" -- 2024-debian-11 -- 2024.2.16 -- latest diff --git a/bitnami/minio/2024/debian-11/Dockerfile b/bitnami/minio/2024/debian-11/Dockerfile deleted file mode 100644 index 0b9b57c85c22..000000000000 --- a/bitnami/minio/2024/debian-11/Dockerfile +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-17T04:23:34Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2024.2.17-debian-11-r0" \ - org.opencontainers.image.title="minio" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2024.2.17" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl jq procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "minio-client-2024.2.16-0-linux-${OS_ARCH}-debian-11" \ - "minio-2024.2.17-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true - -COPY rootfs / -RUN /opt/bitnami/scripts/minio-client/postunpack.sh -RUN /opt/bitnami/scripts/minio/postunpack.sh -ENV APP_VERSION="2024.2.17" \ - BITNAMI_APP_NAME="minio" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/minio-client/bin:/opt/bitnami/minio/bin:$PATH" - -VOLUME [ "/bitnami/minio/data", "/certs" ] - -EXPOSE 9000 9001 - -WORKDIR /opt/bitnami/minio-client -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/minio/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/minio/run.sh" ] diff --git a/bitnami/minio/2024/debian-11/docker-compose.yml b/bitnami/minio/2024/debian-11/docker-compose.yml deleted file mode 100644 index cbb2c179a978..000000000000 --- a/bitnami/minio/2024/debian-11/docker-compose.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - minio: - image: docker.io/bitnami/minio:2024 - ports: - - '9000:9000' - - '9001:9001' - volumes: - - 'minio_data:/bitnami/minio/data' - -volumes: - minio_data: - driver: local diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 15bee7080bf3..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "minio": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2024.2.17-0" - }, - "minio-client": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2024.2.16-0" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - } -} \ No newline at end of file diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/minio/2024/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminio.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminio.sh deleted file mode 100644 index ec192aa4492e..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminio.sh +++ /dev/null @@ -1,425 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MinIO library - -# shellcheck disable=SC1091 - -# Load Libraries -. /opt/bitnami/scripts/libservice.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Functions - -######################## -# Checks if MINIO_DISTRIBUTED_NODES uses the ellipses syntax {1...n} -# Globals: -# MINIO_DISTRIBUTED_NODES -# Arguments: -# None -# Returns: -# Boolean -######################### -is_distributed_ellipses_syntax() { - ! is_empty_value "$MINIO_DISTRIBUTED_NODES" && [[ $MINIO_DISTRIBUTED_NODES == *"..."* ]] -} - -######################## -# Obtain the list of drives used by the MinIO node -# Globals: -# MINIO_DISTRIBUTED_NODES -# Arguments: -# None -# Returns: -# Array with MinIO node drives -######################### -minio_distributed_drives() { - local -a drives=() - local -a nodes - - if ! is_empty_value "$MINIO_DISTRIBUTED_NODES"; then - read -r -a nodes <<<"$(tr ',;' ' ' <<<"${MINIO_DISTRIBUTED_NODES}")" - for node in "${nodes[@]}"; do - drive="$(parse_uri "${MINIO_SCHEME}://${node}" "path")" - drives+=("$drive") - done - fi - echo "${drives[@]}" -} - -######################## -# Checks if MinIO is running -# Globals: -# MINIO_PID -# Arguments: -# None -# Returns: -# Boolean -######################### -is_minio_running() { - local status - pgrep -f "$(command -v minio) server" >"$MINIO_PID_FILE" - pid="$(get_pid_from_file "$MINIO_PID_FILE")" - - if [[ -z "$pid" ]]; then - false - else - if ! is_service_running "$pid"; then - false - else - status="$(minio_client_execute_timeout admin info local --json | jq -r .info.mode)" - if [[ "$status" = "online" ]]; then - true - else - false - fi - fi - fi -} - -######################## -# Check if MinIO is live -# Globals: -# MINIO_PID -# Arguments: -# None -# Returns: -# Boolean -######################## -is_minio_live() { - local status_code - pgrep -f "$(command -v minio) server" >"$MINIO_PID_FILE" - pid="$(get_pid_from_file "$MINIO_PID_FILE")" - if [[ -z "${pid}" ]]; then - false - else - if ! is_service_running "$pid"; then - false - else - # We use cURL because we need to check the liveness before the client is configured - status_code=$(curl --write-out '%{http_code}' --silent --output /dev/null "${MINIO_SCHEME}://127.0.0.1:${MINIO_API_PORT_NUMBER}/minio/health/live") - if [[ "$status_code" = "200" ]]; then - true - else - false - fi - fi - fi -} - -######################## -# Wait for MinIO start -# Globals: -# MINIO_STARTUP_TIMEOUT -# Arguments: -# None -# Returns: -# None -######################## -wait_for_minio() { - local waited_time - waited_time=0 - while ! is_minio_live && [[ "$waited_time" -lt "$MINIO_STARTUP_TIMEOUT" ]]; do - sleep 5 - waited_time=$((waited_time + 5)) - done -} - -######################## -# Start MinIO in background and wait until it's ready -# Globals: -# MINIO_* -# Arguments: -# None -# Returns: -# None -######################### -minio_start_bg() { - local -r exec=$(command -v minio) - local -a args=("server" "--certs-dir" "${MINIO_CERTS_DIR}" "--console-address" ":${MINIO_CONSOLE_PORT_NUMBER}" "--address" ":${MINIO_API_PORT_NUMBER}") - local -a nodes - - if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED"; then - read -r -a nodes <<<"$(tr ',;' ' ' <<<"${MINIO_DISTRIBUTED_NODES}")" - for node in "${nodes[@]}"; do - if is_distributed_ellipses_syntax; then - args+=("${MINIO_SCHEME}://${node}") - else - args+=("${MINIO_SCHEME}://${node}:${MINIO_API_PORT_NUMBER}/${MINIO_DATA_DIR}") - fi - done - else - args+=("${MINIO_DATA_DIR}") - fi - - is_minio_running && return - info "Starting MinIO in background..." - if am_i_root; then - debug_execute run_as_user "$MINIO_DAEMON_USER" "${exec}" "${args[@]}" & - else - debug_execute "${exec}" "${args[@]}" & - fi - wait_for_minio -} - -######################## -# Stop MinIO -# Arguments: -# None -# Returns: -# None -######################### -minio_stop() { - if is_minio_running; then - info "Stopping MinIO..." - minio_client_execute_timeout admin service stop local >/dev/null 2>&1 || true - - local counter=5 - while is_minio_running; do - if [[ "$counter" -le 0 ]]; then - break - fi - sleep 1 - counter=$((counter - 1)) - done - else - info "MinIO is already stopped..." - fi -} - -######################## -# Configure Apache reverse proxy -# Arguments: -# None -# Returns: -# None -######################### -minio_configure_reverse_proxy() { - local -r console_http_port="${MINIO_APACHE_CONSOLE_HTTP_PORT:-"${APACHE_HTTP_PORT_NUMBER:-"$APACHE_DEFAULT_HTTP_PORT_NUMBER"}"}" - local -r console_https_port="${MINIO_APACHE_CONSOLE_HTTPS_PORT:-"${APACHE_HTTPS_PORT_NUMBER:-"$APACHE_DEFAULT_HTTPS_PORT_NUMBER"}"}" - local -r api_http_port="${MINIO_APACHE_API_HTTP_PORT_NUMBER}" - local -r api_https_port="${MINIO_APACHE_API_HTTPS_PORT_NUMBER}" - - # Create Apache vhost for Jaeger Query - ensure_web_server_app_configuration_exists "minio-console" \ - --type proxy \ - --apache-proxy-address "http://127.0.0.1:${MINIO_CONSOLE_PORT_NUMBER}/" \ - --http-port "$console_http_port" \ - --https-port "$console_https_port" - - # Create Apache vhost for Jaeger Collector - ensure_web_server_app_configuration_exists "minio-api" \ - --type proxy \ - --apache-proxy-address "http://127.0.0.1:${MINIO_API_PORT_NUMBER}/" \ - --http-port "$api_http_port" \ - --https-port "$api_https_port" \ - --apache-additional-configuration " - # Preserve Headers to avoid issue with mc - # https://github.com/minio/minio/issues/7936 - ProxyPreserveHost On - ProxyVia Block - " -} - -######################## -# Validate settings in MINIO_* env vars. -# Globals: -# MINIO_* -# Arguments: -# None -# Returns: -# None -######################### -minio_validate() { - debug "Validating settings in MINIO_* env vars.." - local error_code=0 - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - check_yes_no_value() { - if ! is_yes_no_value "${!1}"; then - print_validation_error "The allowed values for $1 are [yes, no]" - fi - } - check_allowed_port() { - local validate_port_args=() - ! am_i_root && validate_port_args+=("-unprivileged") - if ! err=$(validate_port "${validate_port_args[@]}" "${!1}"); then - print_validation_error "An invalid port was specified in the environment variable $1: $err" - fi - } - - if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED"; then - if [[ -z "${MINIO_ROOT_USER:-}" ]] || [[ -z "${MINIO_ROOT_PASSWORD:-}" ]]; then - print_validation_error "Distributed mode is enabled. Both MINIO_ROOT_USER and MINIO_ROOT_PASSWORD environment must be set" - fi - if [[ -z "${MINIO_DISTRIBUTED_NODES:-}" ]]; then - print_validation_error "Distributed mode is enabled. Nodes must be indicated setting the environment variable MINIO_DISTRIBUTED_NODES" - else - read -r -a nodes <<<"$(tr ',;' ' ' <<<"${MINIO_DISTRIBUTED_NODES}")" - if ! is_distributed_ellipses_syntax && ([[ "${#nodes[@]}" -lt 4 ]] || (("${#nodes[@]}" % 2))); then - print_validation_error "Number of nodes must even and greater than 4." - fi - fi - else - if [[ -n "${MINIO_DISTRIBUTED_NODES:-}" ]]; then - warn "Distributed mode is not enabled. The nodes set at the environment variable MINIO_DISTRIBUTED_NODES will be ignored." - fi - fi - if [[ -n "${MINIO_BROWSER:-}" ]]; then - shopt -s nocasematch - if [[ "$MINIO_BROWSER" = "off" ]]; then - warn "Access to MinIO web UI is disabled!! More information at: https://github.com/minio/minio/tree/master/docs/config/#browser" - fi - shopt -u nocasematch - fi - if [[ -n "${MINIO_HTTP_TRACE:-}" ]]; then - if [[ -w "$MINIO_HTTP_TRACE" ]]; then - info "HTTP log trace enabled. Find the HTTP logs at: $MINIO_HTTP_TRACE" - else - print_validation_error "The HTTP log file specified at the environment variable MINIO_HTTP_TRACE is not writtable by current user \"$(id -u)\"" - fi - fi - shopt -s nocasematch - if ! is_dir_empty "${MINIO_CERTS_DIR}" && [[ "${MINIO_SCHEME}" == "http" ]] && [[ "${MINIO_SERVER_URL}" == "http://"* ]]; then - warn "Certificates provided but 'http' scheme in use. Please set MINIO_SCHEME and/or MINIO_SERVER_URL variables" - fi - if [[ "${MINIO_SCHEME}" != "http" ]] && [[ "${MINIO_SCHEME}" != "https" ]]; then - print_validation_error "The values allowed for MINIO_SCHEME are only [http, https]" - fi - shopt -u nocasematch - - check_yes_no_value MINIO_SKIP_CLIENT - check_yes_no_value MINIO_DISTRIBUTED_MODE_ENABLED - check_yes_no_value MINIO_FORCE_NEW_KEYS - check_allowed_port MINIO_CONSOLE_PORT_NUMBER - check_allowed_port MINIO_API_PORT_NUMBER - - return "$error_code" -} - -######################## -# Create default buckets -# Globals: -# MINIO_DEFAULT_BUCKETS -# Arguments: -# None -# Returns: -# None -######################### -minio_create_default_buckets() { - if [[ -n "$MINIO_DEFAULT_BUCKETS" ]]; then - read -r -a buckets <<<"$(tr ',;' ' ' <<<"${MINIO_DEFAULT_BUCKETS}")" - info "Creating default buckets..." - for b in "${buckets[@]}"; do - read -r -a bucket_info <<<"$(tr ':' ' ' <<<"${b}")" - if ! minio_client_bucket_exists "local/${bucket_info[0]}"; then - if [[ -n "${MINIO_REGION_NAME:-}" ]]; then - minio_client_execute mb "--region" "${MINIO_REGION_NAME}" "local/${bucket_info[0]}" - else - minio_client_execute mb "local/${bucket_info[0]}" - fi - if [ ${#bucket_info[@]} -eq 2 ]; then - info "Setting policy ${bucket_info[1]} for local bucket ${bucket_info[0]}" - minio_client_execute anonymous set "${bucket_info[1]}" local/"${bucket_info[0]}"/ - fi - else - info "Bucket local/${bucket_info[0]} already exists, skipping creation." - fi - done - fi -} - -######################## -# Regenerate MinIO credentials -# Globals: -# MINIO_* -# Arguments: -# None -# Returns: -# None -######################### -minio_regenerate_keys() { - local error_code=0 - if is_boolean_yes "$MINIO_FORCE_NEW_KEYS" && [[ -f "${MINIO_DATA_DIR}/.root_user" ]] && [[ -f "${MINIO_DATA_DIR}/.root_password" ]]; then - MINIO_ROOT_USER_OLD="$(cat "${MINIO_DATA_DIR}/.root_user")" - MINIO_ROOT_PASSWORD_OLD="$(cat "${MINIO_DATA_DIR}/.root_password")" - if [[ "$MINIO_ROOT_USER_OLD" != "$MINIO_ROOT_USER" ]] || [[ "$MINIO_ROOT_PASSWORD_OLD" != "$MINIO_ROOT_PASSWORD" ]]; then - info "Reconfiguring MinIO credentials..." - export MINIO_ROOT_USER_OLD MINIO_ROOT_PASSWORD_OLD - # Restart MinIO to reconfigure credentials - # ref: https://docs.min.io/docs/minio-server-configuration-guide.html - minio_start_bg - info "Forcing container restart after key regeneration" - error_code=1 - fi - fi - echo "$MINIO_ROOT_USER" >"${MINIO_DATA_DIR}/.root_user" - echo "$MINIO_ROOT_PASSWORD" >"${MINIO_DATA_DIR}/.root_password" - if ! chmod 600 "${MINIO_DATA_DIR}/.root_user" "${MINIO_DATA_DIR}/.root_password"; then - warn "Unable to set secure permissions on key files ${MINIO_DATA_DIR}/.root_*" - fi - [[ "$error_code" -eq 0 ]] || exit "$error_code" -} - -######################## -# Return the node name of this instance -# Globals: -# MINIO_DISTRIBUTED_MODE_ENABLED -# MINIO_DISTRIBUTED_NODES -# Arguments: -# None -# Returns: -# None -######################### -minio_node_hostname() { - if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED"; then - read -r -a nodes <<<"$(tr ',;' ' ' <<<"${MINIO_DISTRIBUTED_NODES}")" - for node in "${nodes[@]}"; do - [[ $(get_machine_ip) = $(dns_lookup "$node") ]] && echo "$node" && return - done - error "Could not find own node in MINIO_DISTRIBUTE_NODES: ${MINIO_DISTRIBUTED_NODES}" - exit 1 - else - echo "localhost" - fi -} - -######################## -# Check if MinIO daemon is not running -# Arguments: -# None -# Returns: -# Boolean -######################### -is_minio_not_running() { - ! is_minio_running -} - -############### -# Initialize MinIO service -# Globals: -# MINIO_* -# Arguments: -# None -# Returns: -# None -######################### -minio_initialize() { - if am_i_root; then - debug "Ensuring MinIO daemon user/group exists" - ensure_user_exists "$MINIO_DAEMON_USER" --group "$MINIO_DAEMON_GROUP" - debug "Ensuring MinIO config folder '$MINIO_CLIENT_CONF_DIR' exists" - ensure_dir_exists "$MINIO_CLIENT_CONF_DIR" - if [[ -n "${MINIO_DAEMON_USER:-}" ]]; then - chown -R "${MINIO_DAEMON_USER:-}" "$MINIO_BASE_DIR" "$MINIO_DATA_DIR" "$MINIO_CLIENT_CONF_DIR" - fi - fi -} diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh deleted file mode 100644 index 571f6a4818f5..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/libminioclient.sh +++ /dev/null @@ -1,109 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami MinIO Client library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Check if a bucket already exists -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $1 - Bucket name -# Returns: -# Boolean -minio_client_bucket_exists() { - local -r bucket_name="${1:?bucket required}" - if minio_client_execute stat "${bucket_name}" >/dev/null 2>&1; then - true - else - false - fi -} - -######################## -# Execute an arbitrary MinIO client command -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $@ - Command to execute -# Returns: -# None -minio_client_execute() { - local -r args=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "--quiet" "$@") - local exec - exec=$(command -v mc) - - if am_i_root; then - run_as_user "$MINIO_DAEMON_USER" "${exec}" "${args[@]}" - else - "${exec}" "${args[@]}" - fi -} - -######################## -# Execute an arbitrary MinIO client command with a 2s timeout -# Globals: -# MINIO_CLIENT_CONF_DIR -# Arguments: -# $@ - Command to execute -# Returns: -# None -minio_client_execute_timeout() { - local -r args=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "--quiet" "$@") - local exec - exec=$(command -v mc) - - if am_i_root; then - cat > /tmp/cmd.sh << EOF -#!/bin/bash -# timeout forks its own shell process, so we need to provide it with the expected environment -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/minio-env.sh -. /opt/bitnami/scripts/minio-client-env.sh -. /opt/bitnami/scripts/libminio.sh -. /opt/bitnami/scripts/libminioclient.sh -run_as_user "$MINIO_DAEMON_USER" "${exec}" ${args[@]} -EOF - chmod +x /tmp/cmd.sh - timeout 5s bash -c "/tmp/cmd.sh" - rm -f /tmp/cmd.sh - else - timeout 5s "${exec}" "${args[@]}" - fi -} - -######################## -# Configure MinIO Client to use a MinIO server -# Globals: -# MINIO_SERVER_* -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -minio_client_configure_server() { - if [[ -n "$MINIO_SERVER_HOST" ]] && [[ -n "$MINIO_SERVER_ROOT_USER" ]] && [[ -n "$MINIO_SERVER_ROOT_PASSWORD" ]]; then - info "Adding Minio host to 'mc' configuration..." - minio_client_execute config host add minio "${MINIO_SERVER_SCHEME}://${MINIO_SERVER_HOST}:${MINIO_SERVER_PORT_NUMBER}" "${MINIO_SERVER_ROOT_USER}" "${MINIO_SERVER_ROOT_PASSWORD}" - fi -} - -######################## -# Configure MinIO Client to use a local MinIO server -# Arguments: -# None -# Returns: -# Series of exports to be used as 'eval' arguments -######################### -minio_client_configure_local() { - info "Adding local Minio host to 'mc' configuration..." - minio_client_execute config host add local "${MINIO_SERVER_SCHEME}://localhost:${MINIO_SERVER_PORT_NUMBER}" "${MINIO_SERVER_ROOT_USER}" "${MINIO_SERVER_ROOT_PASSWORD}" >/dev/null 2>&1 -} diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh deleted file mode 100644 index 0ae04116847a..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client-env.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for minio-client - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-minio-client}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -minio_client_env_vars=( - MINIO_CLIENT_CONF_DIR - MINIO_SERVER_HOST - MINIO_SERVER_PORT_NUMBER - MINIO_SERVER_SCHEME - MINIO_SERVER_ROOT_USER - MINIO_SERVER_ROOT_PASSWORD - MINIO_CLIENT_ACCESS_KEY - MINIO_SERVER_ACCESS_KEY - MINIO_CLIENT_SECRET_KEY - MINIO_SERVER_SECRET_KEY -) -for env_var in "${minio_client_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset minio_client_env_vars - -# Paths -export MINIO_CLIENT_BASE_DIR="${BITNAMI_ROOT_DIR}/minio-client" -export MINIO_CLIENT_BIN_DIR="${MINIO_CLIENT_BASE_DIR}/bin" -export MINIO_CLIENT_CONF_DIR="${MINIO_CLIENT_CONF_DIR:-/.mc}" -export PATH="${MINIO_CLIENT_BIN_DIR}:${PATH}" - -# MinIO Client configuration -export MINIO_SERVER_HOST="${MINIO_SERVER_HOST:-}" -export MINIO_SERVER_PORT_NUMBER="${MINIO_SERVER_PORT_NUMBER:-9000}" -export MINIO_SERVER_SCHEME="${MINIO_SERVER_SCHEME:-http}" - -# MinIO Client security -MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-"${MINIO_CLIENT_ACCESS_KEY:-}"}" -MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-"${MINIO_SERVER_ACCESS_KEY:-}"}" -export MINIO_SERVER_ROOT_USER="${MINIO_SERVER_ROOT_USER:-}" -MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-"${MINIO_CLIENT_SECRET_KEY:-}"}" -MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-"${MINIO_SERVER_SECRET_KEY:-}"}" -export MINIO_SERVER_ROOT_PASSWORD="${MINIO_SERVER_ROOT_PASSWORD:-}" - -# System users (when running with a privileged user) -export MINIO_DAEMON_USER="minio" -export MINIO_DAEMON_GROUP="minio" - -# Custom environment variables may be defined below diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh deleted file mode 100755 index 675502bd2ddd..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/entrypoint.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/minio-client/run.sh"* ]]; then - info "** Starting MinIO Client setup **" - /opt/bitnami/scripts/minio-client/setup.sh - info "** MinIO Client setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh deleted file mode 100755 index 3b5d18050d14..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/postunpack.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -for dir in "$MINIO_CLIENT_BASE_DIR" "$MINIO_CLIENT_CONF_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$MINIO_CLIENT_BASE_DIR" "$MINIO_CLIENT_CONF_DIR" diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh deleted file mode 100755 index 5622423ed951..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/run.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -# Constants -EXEC=$(command -v mc) -ARGS=("--config-dir" "${MINIO_CLIENT_CONF_DIR}" "$@") - -if am_i_root; then - exec_as_user "${MINIO_CLIENT_DAEMON_USER}" "${EXEC}" "${ARGS[@]}" -else - exec "${EXEC}" "${ARGS[@]}" -fi diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh deleted file mode 100755 index 914634e4dc62..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-client/setup.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libnet.sh -. /opt/bitnami/scripts/libminioclient.sh - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -# Configure MinIO Client to use a MinIO server -minio_client_configure_server diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-env.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-env.sh deleted file mode 100644 index 622831f1abf8..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio-env.sh +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Environment configuration for minio - -# The values for all environment variables will be set in the below order of precedence -# 1. Custom environment variables defined below after Bitnami defaults -# 2. Constants defined in this file (environment variables with no default), i.e. BITNAMI_ROOT_DIR -# 3. Environment variables overridden via external files using *_FILE variables (see below) -# 4. Environment variables set externally (i.e. current Bash context/Dockerfile/userdata) - -# Load logging library -# shellcheck disable=SC1090,SC1091 -. /opt/bitnami/scripts/liblog.sh - -export BITNAMI_ROOT_DIR="/opt/bitnami" -export BITNAMI_VOLUME_DIR="/bitnami" - -# Logging configuration -export MODULE="${MODULE:-minio}" -export BITNAMI_DEBUG="${BITNAMI_DEBUG:-false}" - -# By setting an environment variable matching *_FILE to a file path, the prefixed environment -# variable will be overridden with the value specified in that file -minio_env_vars=( - MINIO_DATA_DIR - MINIO_API_PORT_NUMBER - MINIO_CONSOLE_PORT_NUMBER - MINIO_SCHEME - MINIO_SKIP_CLIENT - MINIO_DISTRIBUTED_MODE_ENABLED - MINIO_DEFAULT_BUCKETS - MINIO_STARTUP_TIMEOUT - MINIO_SERVER_URL - MINIO_APACHE_CONSOLE_HTTP_PORT_NUMBER - MINIO_APACHE_CONSOLE_HTTPS_PORT_NUMBER - MINIO_APACHE_API_HTTP_PORT_NUMBER - MINIO_APACHE_API_HTTPS_PORT_NUMBER - MINIO_FORCE_NEW_KEYS - MINIO_ROOT_USER - MINIO_ROOT_PASSWORD -) -for env_var in "${minio_env_vars[@]}"; do - file_env_var="${env_var}_FILE" - if [[ -n "${!file_env_var:-}" ]]; then - if [[ -r "${!file_env_var:-}" ]]; then - export "${env_var}=$(< "${!file_env_var}")" - unset "${file_env_var}" - else - warn "Skipping export of '${env_var}'. '${!file_env_var:-}' is not readable." - fi - fi -done -unset minio_env_vars - -# Paths -export MINIO_BASE_DIR="${BITNAMI_ROOT_DIR}/minio" -export MINIO_BIN_DIR="${MINIO_BASE_DIR}/bin" -export MINIO_CERTS_DIR="/certs" -export MINIO_LOGS_DIR="${MINIO_BASE_DIR}/log" -export MINIO_TMP_DIR="${MINIO_BASE_DIR}/tmp" -export MINIO_SECRETS_DIR="${MINIO_BASE_DIR}/secrets" -export MINIO_DATA_DIR="${MINIO_DATA_DIR:-/bitnami/minio/data}" -export MINIO_LOG_FILE="${MINIO_LOGS_DIR}/minio.log" -export MINIO_PID_FILE="${MINIO_TMP_DIR}/minio.pid" -export PATH="${MINIO_BIN_DIR}:${PATH}" - -# System users (when running with a privileged user) -export MINIO_DAEMON_USER="minio" -export MINIO_DAEMON_GROUP="minio" - -# MinIO configuration -export MINIO_API_PORT_NUMBER="${MINIO_API_PORT_NUMBER:-9000}" -export MINIO_CONSOLE_PORT_NUMBER="${MINIO_CONSOLE_PORT_NUMBER:-9001}" -export MINIO_SCHEME="${MINIO_SCHEME:-http}" -export MINIO_SKIP_CLIENT="${MINIO_SKIP_CLIENT:-no}" -export MINIO_DISTRIBUTED_MODE_ENABLED="${MINIO_DISTRIBUTED_MODE_ENABLED:-no}" -export MINIO_DEFAULT_BUCKETS="${MINIO_DEFAULT_BUCKETS:-}" -export MINIO_STARTUP_TIMEOUT="${MINIO_STARTUP_TIMEOUT:-10}" -export MINIO_SERVER_URL="${MINIO_SERVER_URL:-$MINIO_SCHEME://localhost:$MINIO_API_PORT_NUMBER}" - -# MinIO apache proxy ports -export MINIO_APACHE_CONSOLE_HTTP_PORT_NUMBER="${MINIO_APACHE_CONSOLE_HTTP_PORT_NUMBER:-80}" -export MINIO_APACHE_CONSOLE_HTTPS_PORT_NUMBER="${MINIO_APACHE_CONSOLE_HTTPS_PORT_NUMBER:-443}" -export MINIO_APACHE_API_HTTP_PORT_NUMBER="${MINIO_APACHE_API_HTTP_PORT_NUMBER:-9000}" -export MINIO_APACHE_API_HTTPS_PORT_NUMBER="${MINIO_APACHE_API_HTTPS_PORT_NUMBER:-9443}" - -# MinIO security -export MINIO_FORCE_NEW_KEYS="${MINIO_FORCE_NEW_KEYS:-no}" -export MINIO_ROOT_USER="${MINIO_ROOT_USER:-minio}" -export MINIO_ROOT_PASSWORD="${MINIO_ROOT_PASSWORD:-miniosecret}" - -# Custom environment variables may be defined below diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/entrypoint.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/entrypoint.sh deleted file mode 100755 index e72888d06ded..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/entrypoint.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/libbitnami.sh -. /opt/bitnami/scripts/liblog.sh - -print_welcome_page - -if [[ "$*" = *"/opt/bitnami/scripts/minio/run.sh"* ]]; then - info "** Starting MinIO setup **" - /opt/bitnami/scripts/minio/setup.sh - info "** MinIO setup finished! **" -fi - -echo "" -exec "$@" diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/postunpack.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/postunpack.sh deleted file mode 100755 index 58ffd22cf05b..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/postunpack.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1090,SC1091 - -# Load libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libminio.sh - -# Load MinIO environment -. /opt/bitnami/scripts/minio-env.sh - -# Ensure non-root user has write permissions on a set of directories -for dir in "$MINIO_DATA_DIR" "$MINIO_CERTS_DIR" "$MINIO_LOGS_DIR" "$MINIO_TMP_DIR" "$MINIO_SECRETS_DIR"; do - ensure_dir_exists "$dir" -done -chmod -R g+rwX "$MINIO_DATA_DIR" "$MINIO_CERTS_DIR" "$MINIO_LOGS_DIR" "$MINIO_SECRETS_DIR" "$MINIO_TMP_DIR" - -# Redirect all logging to stdout/stderr -ln -sf /dev/stdout "$MINIO_LOGS_DIR/minio-http.log" diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/run.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/run.sh deleted file mode 100755 index 6dbdd4f54325..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/run.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/libminio.sh - -# Load MinIO environment -. /opt/bitnami/scripts/minio-env.sh - -# Constants -EXEC=$(command -v minio) -ARGS=("server" "--certs-dir" "${MINIO_CERTS_DIR}" "--console-address" ":${MINIO_CONSOLE_PORT_NUMBER}" "--address" ":${MINIO_API_PORT_NUMBER}") -# Add any extra flags passed to this script -ARGS+=("$@") -if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED"; then - read -r -a nodes <<< "$(tr ',;' ' ' <<< "${MINIO_DISTRIBUTED_NODES}")" - for node in "${nodes[@]}"; do - if is_distributed_ellipses_syntax; then - ARGS+=("${MINIO_SCHEME}://${node}") - else - ARGS+=("${MINIO_SCHEME}://${node}:${MINIO_API_PORT_NUMBER}/${MINIO_DATA_DIR}") - fi - done -else - ARGS+=("${MINIO_DATA_DIR}") -fi - -info "** Starting MinIO **" -if am_i_root; then - exec_as_user "${MINIO_DAEMON_USER}" "${EXEC}" "${ARGS[@]}" -else - exec "${EXEC}" "${ARGS[@]}" -fi diff --git a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/setup.sh b/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/setup.sh deleted file mode 100755 index 936a3d0aff18..000000000000 --- a/bitnami/minio/2024/debian-11/rootfs/opt/bitnami/scripts/minio/setup.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# shellcheck disable=SC1091 - -set -o errexit -set -o nounset -set -o pipefail -#set -o xtrace - -# Load libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libminio.sh - -# Load MinIO environment -. /opt/bitnami/scripts/minio-env.sh - -MINIO_SERVER_SCHEME=$(echo "$MINIO_SCHEME" | tr '[:upper:]' '[:lower:]') - -export MINIO_SERVER_PORT_NUMBER="$MINIO_API_PORT_NUMBER" -export MINIO_SERVER_ROOT_USER="${MINIO_ROOT_USER:-}" -export MINIO_SERVER_ROOT_PASSWORD="${MINIO_ROOT_PASSWORD:-}" -export MINIO_SERVER_SCHEME - -# Load MinIO Client environment -. /opt/bitnami/scripts/minio-client-env.sh - -# Validate settings in MINIO_* env vars. -minio_validate - -minio_initialize - -# Keys regeneration -minio_regenerate_keys - -if is_boolean_yes "$MINIO_SKIP_CLIENT"; then - debug "Skipping MinIO client configuration..." -else - if [[ "$MINIO_SERVER_SCHEME" == "https" ]]; then - [[ ! -d "${MINIO_CLIENT_CONF_DIR}/certs" ]] && mkdir -p "${MINIO_CLIENT_CONF_DIR}/certs" - [[ -d "${MINIO_CERTS_DIR}/CAs" ]] && cp -r "${MINIO_CERTS_DIR}/CAs/" "${MINIO_CLIENT_CONF_DIR}/certs/CAs" - fi - # Start MinIO server in background - minio_start_bg - # Ensure MinIO Client is stopped when this script ends. - trap "minio_stop" EXIT - - if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED" && is_distributed_ellipses_syntax; then - read -r -a drives <<<"$(minio_distributed_drives)" - data_drive="${drives[0]}" - fi - - # Try to add a local server within a minute. - if ! retry_while "minio_client_configure_local ${data_drive:-MINIO_DATA_DIR}/.minio.sys/config/config.json"; then - echo "Failed to add temporary MinIO server" - exit 1 - fi - - if is_boolean_yes "$MINIO_DISTRIBUTED_MODE_ENABLED"; then - # Wait for other clients (distribute mode) - sleep 5 - fi - - # Create default buckets - minio_create_default_buckets -fi diff --git a/bitnami/minio/2024/debian-11/tags-info.yaml b/bitnami/minio/2024/debian-11/tags-info.yaml deleted file mode 100644 index bfe08666d8fc..000000000000 --- a/bitnami/minio/2024/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2024" -- 2024-debian-11 -- 2024.2.17 -- latest diff --git a/bitnami/mlflow/2/debian-11/Dockerfile b/bitnami/mlflow/2/debian-11/Dockerfile deleted file mode 100644 index 9347a24f3b5e..000000000000 --- a/bitnami/mlflow/2/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-16T13:43:06Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.10.2-debian-11-r16" \ - org.opencontainers.image.title="mlflow" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="2.10.2" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl git libbz2-1.0 libcom-err2 libcrypt1 libffi7 libgcc-s1 libgmp10 libgnutls30 libgssapi-krb5-2 libhogweed6 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblzma5 libncursesw6 libnettle8 libnsl2 libp11-kit0 libpq5 libreadline8 libsasl2-2 libsqlite3-0 libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libtirpc3 libunistring2 procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "python-3.10.13-15-linux-${OS_ARCH}-debian-11" \ - "mlflow-2.10.2-0-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN useradd -r -u 1001 -g root mlflow -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN mkdir /.local && chmod g+rwX /.local - -RUN mkdir -p /app/mlruns /app/mlartifacts /bitnami/mlflow && chmod g+rwX /app /app/mlruns /app/mlartifacts /bitnami/mlflow && ln -s /opt/bitnami/python/lib/*/site-packages/mlflow/server/auth/ /bitnami/mlflow-basic-auth -ENV APP_VERSION="2.10.2" \ - BITNAMI_APP_NAME="mlflow" \ - PATH="/opt/bitnami/python/bin:$PATH" - -WORKDIR /app -USER 1001 -ENTRYPOINT [ "python" ] diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 1515ca9e56c0..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "mlflow": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.10.2-0" - }, - "python": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "3.10.13-15" - } -} \ No newline at end of file diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mlflow/2/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mlflow/2/debian-11/tags-info.yaml b/bitnami/mlflow/2/debian-11/tags-info.yaml deleted file mode 100644 index 956d45fc5eb0..000000000000 --- a/bitnami/mlflow/2/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "2" -- 2-debian-11 -- 2.10.2 -- latest diff --git a/bitnami/mongodb-exporter/0/debian-11/Dockerfile b/bitnami/mongodb-exporter/0/debian-11/Dockerfile deleted file mode 100644 index 45a8c10c1091..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T09:55:54Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="0.40.0-debian-11-r24" \ - org.opencontainers.image.title="mongodb-exporter" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="0.40.0" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl procps -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "mongodb-exporter-0.40.0-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get autoremove --purge -y curl && \ - apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -sf /opt/bitnami/mongodb-exporter/bin/mongodb_exporter /bin/mongodb_exporter - -ENV APP_VERSION="0.40.0" \ - BITNAMI_APP_NAME="mongodb-exporter" \ - PATH="/opt/bitnami/mongodb-exporter/bin:$PATH" - -EXPOSE 9216 - -WORKDIR /opt/bitnami/mongodb-exporter -USER 1001 -ENTRYPOINT [ "mongodb_exporter" ] diff --git a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index 6145f3d278f6..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "mongodb-exporter": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "0.40.0-5" - } -} \ No newline at end of file diff --git a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mongodb-exporter/0/debian-11/tags-info.yaml b/bitnami/mongodb-exporter/0/debian-11/tags-info.yaml deleted file mode 100644 index 814fa7a165d0..000000000000 --- a/bitnami/mongodb-exporter/0/debian-11/tags-info.yaml +++ /dev/null @@ -1,5 +0,0 @@ -rolling-tags: -- "0" -- 0-debian-11 -- 0.40.0 -- latest diff --git a/bitnami/mongodb-sharded/5.0/debian-11/Dockerfile b/bitnami/mongodb-sharded/5.0/debian-11/Dockerfile deleted file mode 100644 index 2fb058ad6a84..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/Dockerfile +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -FROM docker.io/bitnami/minideb:bullseye - -ARG TARGETARCH - -LABEL com.vmware.cp.artifact.flavor="sha256:1e1b4657a77f0d47e9220f0c37b9bf7802581b93214fff7d1bd2364c8bf22e8e" \ - org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2024-02-19T09:53:54Z" \ - org.opencontainers.image.description="Application packaged by VMware, Inc" \ - org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="5.0.24-debian-11-r20" \ - org.opencontainers.image.title="mongodb-sharded" \ - org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="5.0.24" - -ENV HOME="/" \ - OS_ARCH="${TARGETARCH:-amd64}" \ - OS_FLAVOUR="debian-11" \ - OS_NAME="linux" - -COPY prebuildfs / -SHELL ["/bin/bash", "-o", "errexit", "-o", "nounset", "-o", "pipefail", "-c"] -# Install required system packages and dependencies -RUN install_packages ca-certificates curl libbrotli1 libcom-err2 libcurl4 libffi7 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libidn2-0 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libldap-2.4-2 liblzma5 libnettle8 libnghttp2-14 libp11-kit0 libpsl5 librtmp1 libsasl2-2 libssh2-1 libssl1.1 libtasn1-6 libunistring2 numactl procps zlib1g -RUN mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ ; \ - COMPONENTS=( \ - "yq-4.41.1-0-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.7-8-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.6-8-linux-${OS_ARCH}-debian-11" \ - "mongodb-shell-2.1.4-0-linux-${OS_ARCH}-debian-11" \ - "mongodb-5.0.24-5-linux-${OS_ARCH}-debian-11" \ - ) ; \ - for COMPONENT in "${COMPONENTS[@]}"; do \ - if [ ! -f "${COMPONENT}.tar.gz" ]; then \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz" -O ; \ - curl -SsLf "https://downloads.bitnami.com/files/stacksmith/${COMPONENT}.tar.gz.sha256" -O ; \ - fi ; \ - sha256sum -c "${COMPONENT}.tar.gz.sha256" ; \ - tar -zxf "${COMPONENT}.tar.gz" -C /opt/bitnami --strip-components=2 --no-same-owner --wildcards '*/files' ; \ - rm -rf "${COMPONENT}".tar.gz{,.sha256} ; \ - done -RUN apt-get update && apt-get upgrade -y && \ - apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives -RUN chmod g+rwX /opt/bitnami -RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true -RUN ln -s /opt/bitnami/scripts/mongodb-sharded/entrypoint.sh /entrypoint.sh -RUN ln -s /opt/bitnami/scripts/liblog.sh /liblog.sh -RUN ln -s /opt/bitnami/scripts/mongodb-sharded/run.sh /run.sh - -COPY rootfs / -RUN /opt/bitnami/scripts/mongodb-sharded/postunpack.sh -ENV APP_VERSION="5.0.24" \ - BITNAMI_APP_NAME="mongodb-sharded" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/mongodb/bin:$PATH" - -EXPOSE 27017 - -USER 1001 -ENTRYPOINT [ "/opt/bitnami/scripts/mongodb-sharded/entrypoint.sh" ] -CMD [ "/opt/bitnami/scripts/mongodb-sharded/run.sh" ] diff --git a/bitnami/mongodb-sharded/5.0/debian-11/docker-compose.yml b/bitnami/mongodb-sharded/5.0/debian-11/docker-compose.yml deleted file mode 100644 index f37a6d14cead..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/docker-compose.yml +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -version: '2' - -services: - mongodb-sharded: - image: docker.io/bitnami/mongodb-sharded:5.0 - environment: - - MONGODB_ADVERTISED_HOSTNAME=mongodb-sharded - - MONGODB_SHARDING_MODE=mongos - - MONGODB_CFG_PRIMARY_HOST=mongodb-cfg - - MONGODB_CFG_REPLICA_SET_NAME=cfgreplicaset - - MONGODB_REPLICA_SET_KEY=replicasetkey123 - - MONGODB_ROOT_PASSWORD=password123 - ports: - - "27017:27017" - - mongodb-shard0: - image: docker.io/bitnami/mongodb-sharded:5.0 - environment: - - MONGODB_ADVERTISED_HOSTNAME=mongodb-shard0 - - MONGODB_SHARDING_MODE=shardsvr - - MONGODB_MONGOS_HOST=mongodb-sharded - - MONGODB_ROOT_PASSWORD=password123 - - MONGODB_REPLICA_SET_MODE=primary - - MONGODB_REPLICA_SET_KEY=replicasetkey123 - - MONGODB_REPLICA_SET_NAME=shard0 - volumes: - - 'shard0_data:/bitnami' - - mongodb-cfg: - image: docker.io/bitnami/mongodb-sharded:5.0 - environment: - - MONGODB_ADVERTISED_HOSTNAME=mongodb-cfg - - MONGODB_SHARDING_MODE=configsvr - - MONGODB_ROOT_PASSWORD=password123 - - MONGODB_REPLICA_SET_MODE=primary - - MONGODB_REPLICA_SET_KEY=replicasetkey123 - - MONGODB_REPLICA_SET_NAME=cfgreplicaset - volumes: - - 'cfg_data:/bitnami' - -volumes: - shard0_data: - driver: local - cfg_data: - driver: local diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json deleted file mode 100644 index f638757485ff..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "mongodb": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "5.0.24-5" - }, - "mongodb-shell": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "2.1.4-0" - }, - "render-template": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.6-8" - }, - "wait-for-port": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.0.7-8" - }, - "yq": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "4.41.1-0" - } -} \ No newline at end of file diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt deleted file mode 100644 index 76956b38e82c..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/licenses/licenses.txt +++ /dev/null @@ -1,2 +0,0 @@ -Bitnami containers ship with software bundles. You can find the licenses under: -/opt/bitnami/[name-of-bundle]/licenses/[bundle-version].txt diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh deleted file mode 100644 index 3853c789b2ea..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libbitnami.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami custom library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Constants -BOLD='\033[1m' - -# Functions - -######################## -# Print the welcome page -# Globals: -# DISABLE_WELCOME_MESSAGE -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_welcome_page() { - if [[ -z "${DISABLE_WELCOME_MESSAGE:-}" ]]; then - if [[ -n "$BITNAMI_APP_NAME" ]]; then - print_image_welcome_page - fi - fi -} - -######################## -# Print the welcome page for a Bitnami Docker image -# Globals: -# BITNAMI_APP_NAME -# Arguments: -# None -# Returns: -# None -######################### -print_image_welcome_page() { - local github_url="https://github.com/bitnami/containers" - - info "" - info "${BOLD}Welcome to the Bitnami ${BITNAMI_APP_NAME} container${RESET}" - info "Subscribe to project updates by watching ${BOLD}${github_url}${RESET}" - info "Submit issues and feature requests at ${BOLD}${github_url}/issues${RESET}" - info "" -} - diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh deleted file mode 100644 index 63759c777f3b..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfile.sh +++ /dev/null @@ -1,141 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing files - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libos.sh - -# Functions - -######################## -# Replace a regex-matching string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# $4 - use POSIX regex. Default: true -# Returns: -# None -######################### -replace_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - local posix_regex=${4:-true} - - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - if [[ $posix_regex = true ]]; then - result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - else - result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Replace a regex-matching multiline string in a file -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - substitute regex -# Returns: -# None -######################### -replace_in_file_multiline() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local substitute_regex="${3:?substitute regex is required}" - - local result - local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues - result="$(perl -pe "BEGIN{undef $/;} s${del}${match_regex}${del}${substitute_regex}${del}sg" "$filename")" - echo "$result" > "$filename" -} - -######################## -# Remove a line in a file based on a regex -# Arguments: -# $1 - filename -# $2 - match regex -# $3 - use POSIX regex. Default: true -# Returns: -# None -######################### -remove_in_file() { - local filename="${1:?filename is required}" - local match_regex="${2:?match regex is required}" - local posix_regex=${3:-true} - local result - - # We should avoid using 'sed in-place' substitutions - # 1) They are not compatible with files mounted from ConfigMap(s) - # 2) We found incompatibility issues with Debian10 and "in-place" substitutions - if [[ $posix_regex = true ]]; then - result="$(sed -E "/$match_regex/d" "$filename")" - else - result="$(sed "/$match_regex/d" "$filename")" - fi - echo "$result" > "$filename" -} - -######################## -# Appends text after the last line matching a pattern -# Arguments: -# $1 - file -# $2 - match regex -# $3 - contents to add -# Returns: -# None -######################### -append_file_after_last_match() { - local file="${1:?missing file}" - local match_regex="${2:?missing pattern}" - local value="${3:?missing value}" - - # We read the file in reverse, replace the first match (0,/pattern/s) and then reverse the results again - result="$(tac "$file" | sed -E "0,/($match_regex)/s||${value}\n\1|" | tac)" - echo "$result" > "$file" -} - -######################## -# Wait until certain entry is present in a log file -# Arguments: -# $1 - entry to look for -# $2 - log file -# $3 - max retries. Default: 12 -# $4 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -wait_for_log_entry() { - local -r entry="${1:-missing entry}" - local -r log_file="${2:-missing log file}" - local -r retries="${3:-12}" - local -r interval_time="${4:-5}" - local attempt=0 - - check_log_file_for_entry() { - if ! grep -qE "$entry" "$log_file"; then - debug "Entry \"${entry}\" still not present in ${log_file} (attempt $((++attempt))/${retries})" - return 1 - fi - } - debug "Checking that ${log_file} log file contains entry \"${entry}\"" - if retry_while check_log_file_for_entry "$retries" "$interval_time"; then - debug "Found entry \"${entry}\" in ${log_file}" - true - else - error "Could not find entry \"${entry}\" in ${log_file} after ${retries} retries" - debug_execute cat "$log_file" - return 1 - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh deleted file mode 100644 index 96b22f99710c..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libfs.sh +++ /dev/null @@ -1,193 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for file system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Ensure a file/directory is owned (user and group) but the given user -# Arguments: -# $1 - filepath -# $2 - owner -# Returns: -# None -######################### -owned_by() { - local path="${1:?path is missing}" - local owner="${2:?owner is missing}" - local group="${3:-}" - - if [[ -n $group ]]; then - chown "$owner":"$group" "$path" - else - chown "$owner":"$owner" "$path" - fi -} - -######################## -# Ensure a directory exists and, optionally, is owned by the given user -# Arguments: -# $1 - directory -# $2 - owner -# Returns: -# None -######################### -ensure_dir_exists() { - local dir="${1:?directory is missing}" - local owner_user="${2:-}" - local owner_group="${3:-}" - - [ -d "${dir}" ] || mkdir -p "${dir}" - if [[ -n $owner_user ]]; then - owned_by "$dir" "$owner_user" "$owner_group" - fi -} - -######################## -# Checks whether a directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_dir_empty() { - local -r path="${1:?missing directory}" - # Calculate real path in order to avoid issues with symlinks - local -r dir="$(realpath "$path")" - if [[ ! -e "$dir" ]] || [[ -z "$(ls -A "$dir")" ]]; then - true - else - false - fi -} - -######################## -# Checks whether a mounted directory is empty or not -# arguments: -# $1 - directory -# returns: -# boolean -######################### -is_mounted_dir_empty() { - local dir="${1:?missing directory}" - - if is_dir_empty "$dir" || find "$dir" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" -exec false {} +; then - true - else - false - fi -} - -######################## -# Checks whether a file can be written to or not -# arguments: -# $1 - file -# returns: -# boolean -######################### -is_file_writable() { - local file="${1:?missing file}" - local dir - dir="$(dirname "$file")" - - if [[ (-f "$file" && -w "$file") || (! -f "$file" && -d "$dir" && -w "$dir") ]]; then - true - else - false - fi -} - -######################## -# Relativize a path -# arguments: -# $1 - path -# $2 - base -# returns: -# None -######################### -relativize() { - local -r path="${1:?missing path}" - local -r base="${2:?missing base}" - pushd "$base" >/dev/null || exit - realpath -q --no-symlinks --relative-base="$base" "$path" | sed -e 's|^/$|.|' -e 's|^/||' - popd >/dev/null || exit -} - -######################## -# Configure permisions and ownership recursively -# Globals: -# None -# Arguments: -# $1 - paths (as a string). -# Flags: -# -f|--file-mode - mode for directories. -# -d|--dir-mode - mode for files. -# -u|--user - user -# -g|--group - group -# Returns: -# None -######################### -configure_permissions_ownership() { - local -r paths="${1:?paths is missing}" - local dir_mode="" - local file_mode="" - local user="" - local group="" - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -f | --file-mode) - shift - file_mode="${1:?missing mode for files}" - ;; - -d | --dir-mode) - shift - dir_mode="${1:?missing mode for directories}" - ;; - -u | --user) - shift - user="${1:?missing user}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - read -r -a filepaths <<<"$paths" - for p in "${filepaths[@]}"; do - if [[ -e "$p" ]]; then - find -L "$p" -printf "" - if [[ -n $dir_mode ]]; then - find -L "$p" -type d ! -perm "$dir_mode" -print0 | xargs -r -0 chmod "$dir_mode" - fi - if [[ -n $file_mode ]]; then - find -L "$p" -type f ! -perm "$file_mode" -print0 | xargs -r -0 chmod "$file_mode" - fi - if [[ -n $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}:${group}" - elif [[ -n $user ]] && [[ -z $group ]]; then - find -L "$p" -print0 | xargs -r -0 chown "${user}" - elif [[ -z $user ]] && [[ -n $group ]]; then - find -L "$p" -print0 | xargs -r -0 chgrp "${group}" - fi - else - stderr_print "$p does not exist" - fi - done -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh deleted file mode 100644 index dadd06149e00..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libhook.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library to use for scripts expected to be used as Kubernetes lifecycle hooks - -# shellcheck disable=SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libos.sh - -# Override functions that log to stdout/stderr of the current process, so they print to process 1 -for function_to_override in stderr_print debug_execute; do - # Output is sent to output of process 1 and thus end up in the container log - # The hook output in general isn't saved - eval "$(declare -f "$function_to_override") >/proc/1/fd/1 2>/proc/1/fd/2" -done diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh deleted file mode 100644 index 2a9e76a4d725..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/liblog.sh +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for logging functions - -# Constants -RESET='\033[0m' -RED='\033[38;5;1m' -GREEN='\033[38;5;2m' -YELLOW='\033[38;5;3m' -MAGENTA='\033[38;5;5m' -CYAN='\033[38;5;6m' - -# Functions - -######################## -# Print to STDERR -# Arguments: -# Message to print -# Returns: -# None -######################### -stderr_print() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_QUIET:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if ! [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - printf "%b\\n" "${*}" >&2 - fi -} - -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -log() { - stderr_print "${CYAN}${MODULE:-} ${MAGENTA}$(date "+%T.%2N ")${RESET}${*}" -} -######################## -# Log an 'info' message -# Arguments: -# Message to log -# Returns: -# None -######################### -info() { - log "${GREEN}INFO ${RESET} ==> ${*}" -} -######################## -# Log message -# Arguments: -# Message to log -# Returns: -# None -######################### -warn() { - log "${YELLOW}WARN ${RESET} ==> ${*}" -} -######################## -# Log an 'error' message -# Arguments: -# Message to log -# Returns: -# None -######################### -error() { - log "${RED}ERROR${RESET} ==> ${*}" -} -######################## -# Log a 'debug' message -# Globals: -# BITNAMI_DEBUG -# Arguments: -# None -# Returns: -# None -######################### -debug() { - # 'is_boolean_yes' is defined in libvalidations.sh, but depends on this file so we cannot source it - local bool="${BITNAMI_DEBUG:-false}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - log "${MAGENTA}DEBUG${RESET} ==> ${*}" - fi -} - -######################## -# Indent a string -# Arguments: -# $1 - string -# $2 - number of indentation characters (default: 4) -# $3 - indentation character (default: " ") -# Returns: -# None -######################### -indent() { - local string="${1:-}" - local num="${2:?missing num}" - local char="${3:-" "}" - # Build the indentation unit string - local indent_unit="" - for ((i = 0; i < num; i++)); do - indent_unit="${indent_unit}${char}" - done - # shellcheck disable=SC2001 - # Complex regex, see https://github.com/koalaman/shellcheck/wiki/SC2001#exceptions - echo "$string" | sed "s/^/${indent_unit}/" -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh deleted file mode 100644 index b47c69a56825..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libnet.sh +++ /dev/null @@ -1,165 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for network functions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Resolve IP address for a host/domain (i.e. DNS lookup) -# Arguments: -# $1 - Hostname to resolve -# $2 - IP address version (v4, v6), leave empty for resolving to any version -# Returns: -# IP -######################### -dns_lookup() { - local host="${1:?host is missing}" - local ip_version="${2:-}" - getent "ahosts${ip_version}" "$host" | awk '/STREAM/ {print $1 }' | head -n 1 -} - -######################### -# Wait for a hostname and return the IP -# Arguments: -# $1 - hostname -# $2 - number of retries -# $3 - seconds to wait between retries -# Returns: -# - IP address that corresponds to the hostname -######################### -wait_for_dns_lookup() { - local hostname="${1:?hostname is missing}" - local retries="${2:-5}" - local seconds="${3:-1}" - check_host() { - if [[ $(dns_lookup "$hostname") == "" ]]; then - false - else - true - fi - } - # Wait for the host to be ready - retry_while "check_host ${hostname}" "$retries" "$seconds" - dns_lookup "$hostname" -} - -######################## -# Get machine's IP -# Arguments: -# None -# Returns: -# Machine IP -######################### -get_machine_ip() { - local -a ip_addresses - local hostname - hostname="$(hostname)" - read -r -a ip_addresses <<< "$(dns_lookup "$hostname" | xargs echo)" - if [[ "${#ip_addresses[@]}" -gt 1 ]]; then - warn "Found more than one IP address associated to hostname ${hostname}: ${ip_addresses[*]}, will use ${ip_addresses[0]}" - elif [[ "${#ip_addresses[@]}" -lt 1 ]]; then - error "Could not find any IP address associated to hostname ${hostname}" - exit 1 - fi - echo "${ip_addresses[0]}" -} - -######################## -# Check if the provided argument is a resolved hostname -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_hostname_resolved() { - local -r host="${1:?missing value}" - if [[ -n "$(dns_lookup "$host")" ]]; then - true - else - false - fi -} - -######################## -# Parse URL -# Globals: -# None -# Arguments: -# $1 - uri - String -# $2 - component to obtain. Valid options (scheme, authority, userinfo, host, port, path, query or fragment) - String -# Returns: -# String -parse_uri() { - local uri="${1:?uri is missing}" - local component="${2:?component is missing}" - - # Solution based on https://tools.ietf.org/html/rfc3986#appendix-B with - # additional sub-expressions to split authority into userinfo, host and port - # Credits to Patryk Obara (see https://stackoverflow.com/a/45977232/6694969) - local -r URI_REGEX='^(([^:/?#]+):)?(//((([^@/?#]+)@)?([^:/?#]+)(:([0-9]+))?))?(/([^?#]*))?(\?([^#]*))?(#(.*))?' - # || | ||| | | | | | | | | | - # |2 scheme | ||6 userinfo 7 host | 9 port | 11 rpath | 13 query | 15 fragment - # 1 scheme: | |5 userinfo@ 8 :... 10 path 12 ?... 14 #... - # | 4 authority - # 3 //... - local index=0 - case "$component" in - scheme) - index=2 - ;; - authority) - index=4 - ;; - userinfo) - index=6 - ;; - host) - index=7 - ;; - port) - index=9 - ;; - path) - index=10 - ;; - query) - index=13 - ;; - fragment) - index=14 - ;; - *) - stderr_print "unrecognized component $component" - return 1 - ;; - esac - [[ "$uri" =~ $URI_REGEX ]] && echo "${BASH_REMATCH[${index}]}" -} - -######################## -# Wait for a HTTP connection to succeed -# Globals: -# * -# Arguments: -# $1 - URL to wait for -# $2 - Maximum amount of retries (optional) -# $3 - Time between retries (optional) -# Returns: -# true if the HTTP connection succeeded, false otherwise -######################### -wait_for_http_connection() { - local url="${1:?missing url}" - local retries="${2:-}" - local sleep_time="${3:-}" - if ! retry_while "debug_execute curl --silent ${url}" "$retries" "$sleep_time"; then - error "Could not connect to ${url}" - return 1 - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh deleted file mode 100644 index c0500acee78d..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ /dev/null @@ -1,657 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for operating system actions - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libvalidations.sh - -# Functions - -######################## -# Check if an user exists in the system -# Arguments: -# $1 - user -# Returns: -# Boolean -######################### -user_exists() { - local user="${1:?user is missing}" - id "$user" >/dev/null 2>&1 -} - -######################## -# Check if a group exists in the system -# Arguments: -# $1 - group -# Returns: -# Boolean -######################### -group_exists() { - local group="${1:?group is missing}" - getent group "$group" >/dev/null 2>&1 -} - -######################## -# Create a group in the system if it does not exist already -# Arguments: -# $1 - group -# Flags: -# -i|--gid - the ID for the new group -# -s|--system - Whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_group_exists() { - local group="${1:?group is missing}" - local gid="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --gid) - shift - gid="${1:?missing gid}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! group_exists "$group"; then - local -a args=("$group") - if [[ -n "$gid" ]]; then - if group_exists "$gid"; then - error "The GID $gid is already in use." >&2 - return 1 - fi - args+=("--gid" "$gid") - fi - $is_system_user && args+=("--system") - groupadd "${args[@]}" >/dev/null 2>&1 - fi -} - -######################## -# Create an user in the system if it does not exist already -# Arguments: -# $1 - user -# Flags: -# -i|--uid - the ID for the new user -# -g|--group - the group the new user should belong to -# -a|--append-groups - comma-separated list of supplemental groups to append to the new user -# -h|--home - the home directory for the new user -# -s|--system - whether to create new user as system user (uid <= 999) -# Returns: -# None -######################### -ensure_user_exists() { - local user="${1:?user is missing}" - local uid="" - local group="" - local append_groups="" - local home="" - local is_system_user=false - - # Validate arguments - shift 1 - while [ "$#" -gt 0 ]; do - case "$1" in - -i | --uid) - shift - uid="${1:?missing uid}" - ;; - -g | --group) - shift - group="${1:?missing group}" - ;; - -a | --append-groups) - shift - append_groups="${1:?missing append_groups}" - ;; - -h | --home) - shift - home="${1:?missing home directory}" - ;; - -s | --system) - is_system_user=true - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - - if ! user_exists "$user"; then - local -a user_args=("-N" "$user") - if [[ -n "$uid" ]]; then - if user_exists "$uid"; then - error "The UID $uid is already in use." - return 1 - fi - user_args+=("--uid" "$uid") - else - $is_system_user && user_args+=("--system") - fi - useradd "${user_args[@]}" >/dev/null 2>&1 - fi - - if [[ -n "$group" ]]; then - local -a group_args=("$group") - $is_system_user && group_args+=("--system") - ensure_group_exists "${group_args[@]}" - usermod -g "$group" "$user" >/dev/null 2>&1 - fi - - if [[ -n "$append_groups" ]]; then - local -a groups - read -ra groups <<<"$(tr ',;' ' ' <<<"$append_groups")" - for group in "${groups[@]}"; do - ensure_group_exists "$group" - usermod -aG "$group" "$user" >/dev/null 2>&1 - done - fi - - if [[ -n "$home" ]]; then - mkdir -p "$home" - usermod -d "$home" "$user" >/dev/null 2>&1 - configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group" - fi -} - -######################## -# Check if the script is currently running as root -# Arguments: -# $1 - user -# $2 - group -# Returns: -# Boolean -######################### -am_i_root() { - if [[ "$(id -u)" = "0" ]]; then - true - else - false - fi -} - -######################## -# Print OS metadata -# Arguments: -# $1 - Flag name -# Flags: -# --id - Distro ID -# --version - Distro version -# --branch - Distro branch -# --codename - Distro codename -# --name - Distro name -# --pretty-name - Distro pretty name -# Returns: -# String -######################### -get_os_metadata() { - local -r flag_name="${1:?missing flag}" - # Helper function - get_os_release_metadata() { - local -r env_name="${1:?missing environment variable name}" - ( - . /etc/os-release - echo "${!env_name}" - ) - } - case "$flag_name" in - --id) - get_os_release_metadata ID - ;; - --version) - get_os_release_metadata VERSION_ID - ;; - --branch) - get_os_release_metadata VERSION_ID | sed 's/\..*//' - ;; - --codename) - get_os_release_metadata VERSION_CODENAME - ;; - --name) - get_os_release_metadata NAME - ;; - --pretty-name) - get_os_release_metadata PRETTY_NAME - ;; - *) - error "Unknown flag ${flag_name}" - return 1 - ;; - esac -} - -######################## -# Get total memory available -# Arguments: -# None -# Returns: -# Memory in bytes -######################### -get_total_memory() { - echo $(($(grep MemTotal /proc/meminfo | awk '{print $2}') / 1024)) -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# None -# Flags: -# --memory - memory size (optional) -# Returns: -# Detected instance size -######################### -get_machine_size() { - local memory="" - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - --memory) - shift - memory="${1:?missing memory}" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - if [[ -z "$memory" ]]; then - debug "Memory was not specified, detecting available memory automatically" - memory="$(get_total_memory)" - fi - sanitized_memory=$(convert_to_mb "$memory") - if [[ "$sanitized_memory" -gt 26000 ]]; then - echo 2xlarge - elif [[ "$sanitized_memory" -gt 13000 ]]; then - echo xlarge - elif [[ "$sanitized_memory" -gt 6000 ]]; then - echo large - elif [[ "$sanitized_memory" -gt 3000 ]]; then - echo medium - elif [[ "$sanitized_memory" -gt 1500 ]]; then - echo small - else - echo micro - fi -} - -######################## -# Get machine size depending on specified memory -# Globals: -# None -# Arguments: -# $1 - memory size (optional) -# Returns: -# Detected instance size -######################### -get_supported_machine_sizes() { - echo micro small medium large xlarge 2xlarge -} - -######################## -# Convert memory size from string to amount of megabytes (i.e. 2G -> 2048) -# Globals: -# None -# Arguments: -# $1 - memory size -# Returns: -# Result of the conversion -######################### -convert_to_mb() { - local amount="${1:-}" - if [[ $amount =~ ^([0-9]+)(m|M|g|G) ]]; then - size="${BASH_REMATCH[1]}" - unit="${BASH_REMATCH[2]}" - if [[ "$unit" = "g" || "$unit" = "G" ]]; then - amount="$((size * 1024))" - else - amount="$size" - fi - fi - echo "$amount" -} - -######################### -# Redirects output to /dev/null if debug mode is disabled -# Globals: -# BITNAMI_DEBUG -# Arguments: -# $@ - Command to execute -# Returns: -# None -######################### -debug_execute() { - if is_boolean_yes "${BITNAMI_DEBUG:-false}"; then - "$@" - else - "$@" >/dev/null 2>&1 - fi -} - -######################## -# Retries a command a given number of times -# Arguments: -# $1 - cmd (as a string) -# $2 - max retries. Default: 12 -# $3 - sleep between retries (in seconds). Default: 5 -# Returns: -# Boolean -######################### -retry_while() { - local cmd="${1:?cmd is missing}" - local retries="${2:-12}" - local sleep_time="${3:-5}" - local return_value=1 - - read -r -a command <<<"$cmd" - for ((i = 1; i <= retries; i += 1)); do - "${command[@]}" && return_value=0 && break - sleep "$sleep_time" - done - return $return_value -} - -######################## -# Generate a random string -# Arguments: -# -t|--type - String type (ascii, alphanumeric, numeric), defaults to ascii -# -c|--count - Number of characters, defaults to 32 -# Arguments: -# None -# Returns: -# None -# Returns: -# String -######################### -generate_random_string() { - local type="ascii" - local count="32" - local filter - local result - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - -t | --type) - shift - type="$1" - ;; - -c | --count) - shift - count="$1" - ;; - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - # Validate type - case "$type" in - ascii) - filter="[:print:]" - ;; - numeric) - filter="0-9" - ;; - alphanumeric) - filter="a-zA-Z0-9" - ;; - alphanumeric+special|special+alphanumeric) - # Limit variety of special characters, so there is a higher chance of containing more alphanumeric characters - # Special characters are harder to write, and it could impact the overall UX if most passwords are too complex - filter='a-zA-Z0-9:@.,/+!=' - ;; - *) - echo "Invalid type ${type}" >&2 - return 1 - ;; - esac - # Obtain count + 10 lines from /dev/urandom to ensure that the resulting string has the expected size - # Note there is a very small chance of strings starting with EOL character - # Therefore, the higher amount of lines read, this will happen less frequently - result="$(head -n "$((count + 10))" /dev/urandom | tr -dc "$filter" | head -c "$count")" - echo "$result" -} - -######################## -# Create md5 hash from a string -# Arguments: -# $1 - string -# Returns: -# md5 hash - string -######################### -generate_md5_hash() { - local -r str="${1:?missing input string}" - echo -n "$str" | md5sum | awk '{print $1}' -} - -######################## -# Create sha1 hash from a string -# Arguments: -# $1 - string -# $2 - algorithm - 1 (default), 224, 256, 384, 512 -# Returns: -# sha1 hash - string -######################### -generate_sha_hash() { - local -r str="${1:?missing input string}" - local -r algorithm="${2:-1}" - echo -n "$str" | "sha${algorithm}sum" | awk '{print $1}' -} - -######################## -# Converts a string to its hexadecimal representation -# Arguments: -# $1 - string -# Returns: -# hexadecimal representation of the string -######################### -convert_to_hex() { - local -r str=${1:?missing input string} - local -i iterator - local char - for ((iterator = 0; iterator < ${#str}; iterator++)); do - char=${str:iterator:1} - printf '%x' "'${char}" - done -} - -######################## -# Get boot time -# Globals: -# None -# Arguments: -# None -# Returns: -# Boot time metadata -######################### -get_boot_time() { - stat /proc --format=%Y -} - -######################## -# Get machine ID -# Globals: -# None -# Arguments: -# None -# Returns: -# Machine ID -######################### -get_machine_id() { - local machine_id - if [[ -f /etc/machine-id ]]; then - machine_id="$(cat /etc/machine-id)" - fi - if [[ -z "$machine_id" ]]; then - # Fallback to the boot-time, which will at least ensure a unique ID in the current session - machine_id="$(get_boot_time)" - fi - echo "$machine_id" -} - -######################## -# Get the root partition's disk device ID (e.g. /dev/sda1) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root partition disk ID -######################### -get_disk_device_id() { - local device_id="" - if grep -q ^/dev /proc/mounts; then - device_id="$(grep ^/dev /proc/mounts | awk '$2 == "/" { print $1 }' | tail -1)" - fi - # If it could not be autodetected, fallback to /dev/sda1 as a default - if [[ -z "$device_id" || ! -b "$device_id" ]]; then - device_id="/dev/sda1" - fi - echo "$device_id" -} - -######################## -# Get the root disk device ID (e.g. /dev/sda) -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk ID -######################### -get_root_disk_device_id() { - get_disk_device_id | sed -E 's/p?[0-9]+$//' -} - -######################## -# Get the root disk size in bytes -# Globals: -# None -# Arguments: -# None -# Returns: -# Root disk size in bytes -######################### -get_root_disk_size() { - fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true -} - -######################## -# Run command as a specific user and group (optional) -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -run_as_user() { - run_chroot "$@" -} - -######################## -# Execute command as a specific user and group (optional), -# replacing the current process image -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Returns: -# Exit code of the specified command -######################### -exec_as_user() { - run_chroot --replace-process "$@" -} - -######################## -# Run a command using chroot -# Arguments: -# $1 - USER(:GROUP) to switch to -# $2..$n - command to execute -# Flags: -# -r | --replace-process - Replace the current process image (optional) -# Returns: -# Exit code of the specified command -######################### -run_chroot() { - local userspec - local user - local homedir - local replace=false - local -r cwd="$(pwd)" - - # Parse and validate flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -r | --replace-process) - replace=true - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - # Parse and validate arguments - if [[ "$#" -lt 2 ]]; then - echo "expected at least 2 arguments" - return 1 - else - userspec=$1 - shift - - # userspec can optionally include the group, so we parse the user - user=$(echo "$userspec" | cut -d':' -f1) - fi - - if ! am_i_root; then - error "Could not switch to '${userspec}': Operation not permitted" - return 1 - fi - - # Get the HOME directory for the user to switch, as chroot does - # not properly update this env and some scripts rely on it - homedir=$(eval echo "~${user}") - if [[ ! -d $homedir ]]; then - homedir="${HOME:-/}" - fi - - # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion - if [[ "$replace" = true ]]; then - exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - else - chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh deleted file mode 100644 index af6af64d6dd0..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libpersistence.sh +++ /dev/null @@ -1,124 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami persistence library -# Used for bringing persistence capabilities to applications that don't have clear separation of data and logic - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libfs.sh -. /opt/bitnami/scripts/libos.sh -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libversion.sh - -# Functions - -######################## -# Persist an application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# $2 - List of app files to persist -# Returns: -# true if all steps succeeded, false otherwise -######################### -persist_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_persist <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Persist the individual files - if [[ "${#files_to_persist[@]}" -le 0 ]]; then - warn "No files are configured to be persisted" - return - fi - pushd "$install_dir" >/dev/null || exit - local file_to_persist_relative file_to_persist_destination file_to_persist_destination_folder - local -r tmp_file="/tmp/perms.acl" - for file_to_persist in "${files_to_persist[@]}"; do - if [[ ! -f "$file_to_persist" && ! -d "$file_to_persist" ]]; then - error "Cannot persist '${file_to_persist}' because it does not exist" - return 1 - fi - file_to_persist_relative="$(relativize "$file_to_persist" "$install_dir")" - file_to_persist_destination="${persist_dir}/${file_to_persist_relative}" - file_to_persist_destination_folder="$(dirname "$file_to_persist_destination")" - # Get original permissions for existing files, which will be applied later - # Exclude the root directory with 'sed', to avoid issues when copying the entirety of it to a volume - getfacl -R "$file_to_persist_relative" | sed -E '/# file: (\..+|[^.])/,$!d' > "$tmp_file" - # Copy directories to the volume - ensure_dir_exists "$file_to_persist_destination_folder" - cp -Lr --preserve=links "$file_to_persist_relative" "$file_to_persist_destination_folder" - # Restore permissions - pushd "$persist_dir" >/dev/null || exit - if am_i_root; then - setfacl --restore="$tmp_file" - else - # When running as non-root, don't change ownership - setfacl --restore=<(grep -E -v '^# (owner|group):' "$tmp_file") - fi - popd >/dev/null || exit - done - popd >/dev/null || exit - rm -f "$tmp_file" - # Install the persisted files into the installation directory, via symlinks - restore_persisted_app "$@" -} - -######################## -# Restore a persisted application directory -# Globals: -# BITNAMI_ROOT_DIR -# BITNAMI_VOLUME_DIR -# FORCE_MAJOR_UPGRADE -# Arguments: -# $1 - App folder name -# $2 - List of app files to restore -# Returns: -# true if all steps succeeded, false otherwise -######################### -restore_persisted_app() { - local -r app="${1:?missing app}" - local -a files_to_restore - read -r -a files_to_restore <<< "$(tr ',;:' ' ' <<< "$2")" - local -r install_dir="${BITNAMI_ROOT_DIR}/${app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - # Restore the individual persisted files - if [[ "${#files_to_restore[@]}" -le 0 ]]; then - warn "No persisted files are configured to be restored" - return - fi - local file_to_restore_relative file_to_restore_origin file_to_restore_destination - for file_to_restore in "${files_to_restore[@]}"; do - file_to_restore_relative="$(relativize "$file_to_restore" "$install_dir")" - # We use 'realpath --no-symlinks' to ensure that the case of '.' is covered and the directory is removed - file_to_restore_origin="$(realpath --no-symlinks "${install_dir}/${file_to_restore_relative}")" - file_to_restore_destination="$(realpath --no-symlinks "${persist_dir}/${file_to_restore_relative}")" - rm -rf "$file_to_restore_origin" - ln -sfn "$file_to_restore_destination" "$file_to_restore_origin" - done -} - -######################## -# Check if an application directory was already persisted -# Globals: -# BITNAMI_VOLUME_DIR -# Arguments: -# $1 - App folder name -# Returns: -# true if all steps succeeded, false otherwise -######################### -is_app_initialized() { - local -r app="${1:?missing app}" - local -r persist_dir="${BITNAMI_VOLUME_DIR}/${app}" - if ! is_mounted_dir_empty "$persist_dir"; then - true - else - false - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh deleted file mode 100644 index 107f54e6b5c9..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libservice.sh +++ /dev/null @@ -1,496 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing services - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/liblog.sh - -# Functions - -######################## -# Read the provided pid file and returns a PID -# Arguments: -# $1 - Pid file -# Returns: -# PID -######################### -get_pid_from_file() { - local pid_file="${1:?pid file is missing}" - - if [[ -f "$pid_file" ]]; then - if [[ -n "$(< "$pid_file")" ]] && [[ "$(< "$pid_file")" -gt 0 ]]; then - echo "$(< "$pid_file")" - fi - fi -} - -######################## -# Check if a provided PID corresponds to a running service -# Arguments: -# $1 - PID -# Returns: -# Boolean -######################### -is_service_running() { - local pid="${1:?pid is missing}" - - kill -0 "$pid" 2>/dev/null -} - -######################## -# Stop a service by sending a termination signal to its pid -# Arguments: -# $1 - Pid file -# $2 - Signal number (optional) -# Returns: -# None -######################### -stop_service_using_pid() { - local pid_file="${1:?pid file is missing}" - local signal="${2:-}" - local pid - - pid="$(get_pid_from_file "$pid_file")" - [[ -z "$pid" ]] || ! is_service_running "$pid" && return - - if [[ -n "$signal" ]]; then - kill "-${signal}" "$pid" - else - kill "$pid" - fi - - local counter=10 - while [[ "$counter" -ne 0 ]] && is_service_running "$pid"; do - sleep 1 - counter=$((counter - 1)) - done -} - -######################## -# Start cron daemon -# Arguments: -# None -# Returns: -# true if started correctly, false otherwise -######################### -cron_start() { - if [[ -x "/usr/sbin/cron" ]]; then - /usr/sbin/cron - elif [[ -x "/usr/sbin/crond" ]]; then - /usr/sbin/crond - else - false - fi -} - -######################## -# Generate a cron configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Command -# Flags: -# --run-as - User to run as (default: root) -# --schedule - Cron schedule configuration (default: * * * * *) -# Returns: -# None -######################### -generate_cron_conf() { - local service_name="${1:?service name is missing}" - local cmd="${2:?command is missing}" - local run_as="root" - local schedule="* * * * *" - local clean="true" - - # Parse optional CLI flags - shift 2 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --run-as) - shift - run_as="$1" - ;; - --schedule) - shift - schedule="$1" - ;; - --no-clean) - clean="false" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - mkdir -p /etc/cron.d - if "$clean"; then - cat > "/etc/cron.d/${service_name}" <> /etc/cron.d/"$service_name" - fi -} - -######################## -# Remove a cron configuration file for a given service -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_cron_conf() { - local service_name="${1:?service name is missing}" - local cron_conf_dir="/etc/monit/conf.d" - rm -f "${cron_conf_dir}/${service_name}" -} - -######################## -# Generate a monit configuration file for a given service -# Arguments: -# $1 - Service name -# $2 - Pid file -# $3 - Start command -# $4 - Stop command -# Flags: -# --disable - Whether to disable the monit configuration -# Returns: -# None -######################### -generate_monit_conf() { - local service_name="${1:?service name is missing}" - local pid_file="${2:?pid file is missing}" - local start_command="${3:?start command is missing}" - local stop_command="${4:?stop command is missing}" - local monit_conf_dir="/etc/monit/conf.d" - local disabled="no" - - # Parse optional CLI flags - shift 4 - while [[ "$#" -gt 0 ]]; do - case "$1" in - --disable) - disabled="yes" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - - is_boolean_yes "$disabled" && conf_suffix=".disabled" - mkdir -p "$monit_conf_dir" - cat > "${monit_conf_dir}/${service_name}.conf${conf_suffix:-}" <&2 - return 1 - ;; - esac - shift - done - - mkdir -p "$logrotate_conf_dir" - cat < "${logrotate_conf_dir}/${service_name}" -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -${log_path} { - ${period} - rotate ${rotations} - dateext - compress - copytruncate - missingok -$(indent "$extra" 2) -} -EOF -} - -######################## -# Remove a logrotate configuration file -# Arguments: -# $1 - Service name -# Returns: -# None -######################### -remove_logrotate_conf() { - local service_name="${1:?service name is missing}" - local logrotate_conf_dir="/etc/logrotate.d" - rm -f "${logrotate_conf_dir}/${service_name}" -} - -######################## -# Generate a Systemd configuration file -# Arguments: -# $1 - Service name -# Flags: -# --custom-service-content - Custom content to add to the [service] block -# --environment - Environment variable to define (multiple --environment options may be passed) -# --environment-file - Text file with environment variables (multiple --environment-file options may be passed) -# --exec-start - Start command (required) -# --exec-start-pre - Pre-start command (optional) -# --exec-start-post - Post-start command (optional) -# --exec-stop - Stop command (optional) -# --exec-reload - Reload command (optional) -# --group - System group to start the service with -# --name - Service full name (e.g. Apache HTTP Server, defaults to $1) -# --restart - When to restart the Systemd service after being stopped (defaults to always) -# --pid-file - Service PID file -# --standard-output - File where to print stdout output -# --standard-error - File where to print stderr output -# --success-exit-status - Exit code that indicates a successful shutdown -# --type - Systemd unit type (defaults to forking) -# --user - System user to start the service with -# --working-directory - Working directory at which to start the service -# Returns: -# None -######################### -generate_systemd_conf() { - local -r service_name="${1:?service name is missing}" - local -r systemd_units_dir="/etc/systemd/system" - local -r service_file="${systemd_units_dir}/bitnami.${service_name}.service" - # Default values - local name="$service_name" - local type="forking" - local user="" - local group="" - local environment="" - local environment_file="" - local exec_start="" - local exec_start_pre="" - local exec_start_post="" - local exec_stop="" - local exec_reload="" - local restart="always" - local pid_file="" - local standard_output="journal" - local standard_error="" - local limits_content="" - local success_exit_status="" - local custom_service_content="" - local working_directory="" - # Parse CLI flags - shift - while [[ "$#" -gt 0 ]]; do - case "$1" in - --name \ - | --type \ - | --user \ - | --group \ - | --exec-start \ - | --exec-stop \ - | --exec-reload \ - | --restart \ - | --pid-file \ - | --standard-output \ - | --standard-error \ - | --success-exit-status \ - | --custom-service-content \ - | --working-directory \ - ) - var_name="$(echo "$1" | sed -e "s/^--//" -e "s/-/_/g")" - shift - declare "$var_name"="${1:?"${var_name} value is missing"}" - ;; - --limit-*) - [[ -n "$limits_content" ]] && limits_content+=$'\n' - var_name="${1//--limit-}" - shift - limits_content+="Limit${var_name^^}=${1:?"--limit-${var_name} value is missing"}" - ;; - --exec-start-pre) - shift - [[ -n "$exec_start_pre" ]] && exec_start_pre+=$'\n' - exec_start_pre+="ExecStartPre=${1:?"--exec-start-pre value is missing"}" - ;; - --exec-start-post) - shift - [[ -n "$exec_start_post" ]] && exec_start_post+=$'\n' - exec_start_post+="ExecStartPost=${1:?"--exec-start-post value is missing"}" - ;; - --environment) - shift - # It is possible to add multiple environment lines - [[ -n "$environment" ]] && environment+=$'\n' - environment+="Environment=${1:?"--environment value is missing"}" - ;; - --environment-file) - shift - # It is possible to add multiple environment-file lines - [[ -n "$environment_file" ]] && environment_file+=$'\n' - environment_file+="EnvironmentFile=${1:?"--environment-file value is missing"}" - ;; - *) - echo "Invalid command line flag ${1}" >&2 - return 1 - ;; - esac - shift - done - # Validate inputs - local error="no" - if [[ -z "$exec_start" ]]; then - error "The --exec-start option is required" - error="yes" - fi - if [[ "$error" != "no" ]]; then - return 1 - fi - # Generate the Systemd unit - cat > "$service_file" <> "$service_file" <<< "WorkingDirectory=${working_directory}" - fi - if [[ -n "$exec_start_pre" ]]; then - # This variable may contain multiple ExecStartPre= directives - cat >> "$service_file" <<< "$exec_start_pre" - fi - if [[ -n "$exec_start" ]]; then - cat >> "$service_file" <<< "ExecStart=${exec_start}" - fi - if [[ -n "$exec_start_post" ]]; then - # This variable may contain multiple ExecStartPost= directives - cat >> "$service_file" <<< "$exec_start_post" - fi - # Optional stop and reload commands - if [[ -n "$exec_stop" ]]; then - cat >> "$service_file" <<< "ExecStop=${exec_stop}" - fi - if [[ -n "$exec_reload" ]]; then - cat >> "$service_file" <<< "ExecReload=${exec_reload}" - fi - # User and group - if [[ -n "$user" ]]; then - cat >> "$service_file" <<< "User=${user}" - fi - if [[ -n "$group" ]]; then - cat >> "$service_file" <<< "Group=${group}" - fi - # PID file allows to determine if the main process is running properly (for Restart=always) - if [[ -n "$pid_file" ]]; then - cat >> "$service_file" <<< "PIDFile=${pid_file}" - fi - if [[ -n "$restart" ]]; then - cat >> "$service_file" <<< "Restart=${restart}" - fi - # Environment flags - if [[ -n "$environment" ]]; then - # This variable may contain multiple Environment= directives - cat >> "$service_file" <<< "$environment" - fi - if [[ -n "$environment_file" ]]; then - # This variable may contain multiple EnvironmentFile= directives - cat >> "$service_file" <<< "$environment_file" - fi - # Logging - if [[ -n "$standard_output" ]]; then - cat >> "$service_file" <<< "StandardOutput=${standard_output}" - fi - if [[ -n "$standard_error" ]]; then - cat >> "$service_file" <<< "StandardError=${standard_error}" - fi - if [[ -n "$custom_service_content" ]]; then - # This variable may contain multiple miscellaneous directives - cat >> "$service_file" <<< "$custom_service_content" - fi - if [[ -n "$success_exit_status" ]]; then - cat >> "$service_file" <> "$service_file" <> "$service_file" <> "$service_file" <= 0 )); then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean or is the string 'yes/true' -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_boolean_yes() { - local -r bool="${1:-}" - # comparison is performed without regard to the case of alphabetic characters - shopt -s nocasematch - if [[ "$bool" = 1 || "$bool" =~ ^(yes|true)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean yes/no value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_yes_no_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(yes|no)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean true/false value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_true_false_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^(true|false)$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is a boolean 1/0 value -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_1_0_value() { - local -r bool="${1:-}" - if [[ "$bool" =~ ^[10]$ ]]; then - true - else - false - fi -} - -######################## -# Check if the provided argument is an empty string or not defined -# Arguments: -# $1 - Value to check -# Returns: -# Boolean -######################### -is_empty_value() { - local -r val="${1:-}" - if [[ -z "$val" ]]; then - true - else - false - fi -} - -######################## -# Validate if the provided argument is a valid port -# Arguments: -# $1 - Port to validate -# Returns: -# Boolean and error message -######################### -validate_port() { - local value - local unprivileged=0 - - # Parse flags - while [[ "$#" -gt 0 ]]; do - case "$1" in - -unprivileged) - unprivileged=1 - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [[ "$#" -gt 1 ]]; then - echo "too many arguments provided" - return 2 - elif [[ "$#" -eq 0 ]]; then - stderr_print "missing port argument" - return 1 - else - value=$1 - fi - - if [[ -z "$value" ]]; then - echo "the value is empty" - return 1 - else - if ! is_int "$value"; then - echo "value is not an integer" - return 2 - elif [[ "$value" -lt 0 ]]; then - echo "negative value provided" - return 2 - elif [[ "$value" -gt 65535 ]]; then - echo "requested port is greater than 65535" - return 2 - elif [[ "$unprivileged" = 1 && "$value" -lt 1024 ]]; then - echo "privileged port requested" - return 3 - fi - fi -} - -######################## -# Validate if the provided argument is a valid IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv6() { - local ip="${1:?ip is missing}" - local stat=1 - local full_address_regex='^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$' - local short_address_regex='^((([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6}::(([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}){0,6})$' - - if [[ $ip =~ $full_address_regex || $ip =~ $short_address_regex || $ip == "::" ]]; then - stat=0 - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ipv4() { - local ip="${1:?ip is missing}" - local stat=1 - - if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - read -r -a ip_array <<< "$(tr '.' ' ' <<< "$ip")" - [[ ${ip_array[0]} -le 255 && ${ip_array[1]} -le 255 \ - && ${ip_array[2]} -le 255 && ${ip_array[3]} -le 255 ]] - stat=$? - fi - return $stat -} - -######################## -# Validate if the provided argument is a valid IPv4 or IPv6 address -# Arguments: -# $1 - IP to validate -# Returns: -# Boolean -######################### -validate_ip() { - local ip="${1:?ip is missing}" - local stat=1 - - if validate_ipv4 "$ip"; then - stat=0 - else - stat=$(validate_ipv6 "$ip") - fi - return $stat -} - -######################## -# Validate a string format -# Arguments: -# $1 - String to validate -# Returns: -# Boolean -######################### -validate_string() { - local string - local min_length=-1 - local max_length=-1 - - # Parse flags - while [ "$#" -gt 0 ]; do - case "$1" in - -min-length) - shift - min_length=${1:-} - ;; - -max-length) - shift - max_length=${1:-} - ;; - --) - shift - break - ;; - -*) - stderr_print "unrecognized flag $1" - return 1 - ;; - *) - break - ;; - esac - shift - done - - if [ "$#" -gt 1 ]; then - stderr_print "too many arguments provided" - return 2 - elif [ "$#" -eq 0 ]; then - stderr_print "missing string" - return 1 - else - string=$1 - fi - - if [[ "$min_length" -ge 0 ]] && [[ "${#string}" -lt "$min_length" ]]; then - echo "string length is less than $min_length" - return 1 - fi - if [[ "$max_length" -ge 0 ]] && [[ "${#string}" -gt "$max_length" ]]; then - echo "string length is great than $max_length" - return 1 - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh deleted file mode 100644 index 6ca71ac7bdbb..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libversion.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Library for managing versions strings - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh - -# Functions -######################## -# Gets semantic version -# Arguments: -# $1 - version: string to extract major.minor.patch -# $2 - section: 1 to extract major, 2 to extract minor, 3 to extract patch -# Returns: -# array with the major, minor and release -######################### -get_sematic_version () { - local version="${1:?version is required}" - local section="${2:?section is required}" - local -a version_sections - - #Regex to parse versions: x.y.z - local -r regex='([0-9]+)(\.([0-9]+)(\.([0-9]+))?)?' - - if [[ "$version" =~ $regex ]]; then - local i=1 - local j=1 - local n=${#BASH_REMATCH[*]} - - while [[ $i -lt $n ]]; do - if [[ -n "${BASH_REMATCH[$i]}" ]] && [[ "${BASH_REMATCH[$i]:0:1}" != '.' ]]; then - version_sections[j]="${BASH_REMATCH[$i]}" - ((j++)) - fi - ((i++)) - done - - local number_regex='^[0-9]+$' - if [[ "$section" =~ $number_regex ]] && (( section > 0 )) && (( section <= 3 )); then - echo "${version_sections[$section]}" - return - else - stderr_print "Section allowed values are: 1, 2, and 3" - return 1 - fi - fi -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh deleted file mode 100644 index 8023f9b0549a..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/opt/bitnami/scripts/libwebserver.sh +++ /dev/null @@ -1,476 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -# -# Bitnami web server handler library - -# shellcheck disable=SC1090,SC1091 - -# Load generic libraries -. /opt/bitnami/scripts/liblog.sh - -######################## -# Execute a command (or list of commands) with the web server environment and library loaded -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_execute() { - local -r web_server="${1:?missing web server}" - shift - # Run program in sub-shell to avoid web server environment getting loaded when not necessary - ( - . "/opt/bitnami/scripts/lib${web_server}.sh" - . "/opt/bitnami/scripts/${web_server}-env.sh" - "$@" - ) -} - -######################## -# Prints the list of enabled web servers -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_list() { - local -r -a supported_web_servers=(apache nginx) - local -a existing_web_servers=() - for web_server in "${supported_web_servers[@]}"; do - [[ -f "/opt/bitnami/scripts/${web_server}-env.sh" ]] && existing_web_servers+=("$web_server") - done - echo "${existing_web_servers[@]:-}" -} - -######################## -# Prints the currently-enabled web server type (only one, in order of preference) -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_type() { - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - echo "${web_servers[0]:-}" -} - -######################## -# Validate that a supported web server is configured -# Globals: -# None -# Arguments: -# None -# Returns: -# None -######################### -web_server_validate() { - local error_code=0 - local supported_web_servers=("apache" "nginx") - - # Auxiliary functions - print_validation_error() { - error "$1" - error_code=1 - } - - if [[ -z "$(web_server_type)" || ! " ${supported_web_servers[*]} " == *" $(web_server_type) "* ]]; then - print_validation_error "Could not detect any supported web servers. It must be one of: ${supported_web_servers[*]}" - elif ! web_server_execute "$(web_server_type)" type -t "is_$(web_server_type)_running" >/dev/null; then - print_validation_error "Could not load the $(web_server_type) web server library from /opt/bitnami/scripts. Check that it exists and is readable." - fi - - return "$error_code" -} - -######################## -# Check whether the web server is running -# Globals: -# * -# Arguments: -# None -# Returns: -# true if the web server is running, false otherwise -######################### -is_web_server_running() { - "is_$(web_server_type)_running" -} - -######################## -# Start web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_start() { - info "Starting $(web_server_type) in background" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl start "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/start.sh" - fi -} - -######################## -# Stop web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_stop() { - info "Stopping $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl stop "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/stop.sh" - fi -} - -######################## -# Restart web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_restart() { - info "Restarting $(web_server_type)" - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl restart "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/restart.sh" - fi -} - -######################## -# Reload web server -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_reload() { - if [[ "${BITNAMI_SERVICE_MANAGER:-}" = "systemd" ]]; then - systemctl reload "bitnami.$(web_server_type).service" - else - "${BITNAMI_ROOT_DIR}/scripts/$(web_server_type)/reload.sh" - fi -} - -######################## -# Ensure a web server application configuration exists (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --type - Application type, which has an effect on which configuration template to use -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --disable - Whether to render server configurations with a .disabled prefix -# --disable-http - Whether to render the app's HTTP server configuration with a .disabled prefix -# --disable-https - Whether to render the app's HTTPS server configuration with a .disabled prefix -# --http-port - HTTP port number -# --https-port - HTTPS port number -# --document-root - Path to document root directory -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-additional-http-configuration - Additional HTTP vhost configuration (no default) -# --apache-additional-https-configuration - Additional HTTPS vhost configuration (no default) -# --apache-before-vhost-configuration - Configuration to add before the directive (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no' and type is not defined) -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-proxy-address - Address where to proxy requests -# --apache-proxy-configuration - Extra configuration for the proxy -# --apache-proxy-http-configuration - Extra configuration for the proxy HTTP vhost -# --apache-proxy-https-configuration - Extra configuration for the proxy HTTPS vhost -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup (only allowed when type is not defined) -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# --nginx-external-configuration - Configuration external to server block (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_app_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --disable \ - | --disable-http \ - | --disable-https \ - ) - apache_args+=("$1") - nginx_args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --type \ - | --allow-remote-connections \ - | --http-port \ - | --https-port \ - | --document-root \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-additional-http-configuration \ - | --apache-additional-https-configuration \ - | --apache-before-vhost-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-proxy-address \ - | --apache-proxy-configuration \ - | --apache-proxy-http-configuration \ - | --apache-proxy-https-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "${2:?missing value}") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration \ - | --nginx-external-configuration) - nginx_args+=("${1//nginx-/}" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration does not exist anymore (i.e. Apache virtual host format or NGINX server block) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Returns: -# true if the configuration was disabled, false otherwise -######################## -ensure_web_server_app_configuration_not_exists() { - local app="${1:?missing app}" - local -a web_servers - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "ensure_${web_server}_app_configuration_not_exists" "$app" - done -} - -######################## -# Ensure the web server loads the configuration for an application in a URL prefix -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --allow-remote-connections - Whether to allow remote connections or to require local connections -# --document-root - Path to document root directory -# --prefix - URL prefix from where it will be accessible (i.e. /myapp) -# --type - Application type, which has an effect on what configuration template will be used -# Apache-specific flags: -# --apache-additional-configuration - Additional vhost configuration (no default) -# --apache-allow-override - Whether to allow .htaccess files (only allowed when --move-htaccess is set to 'no') -# --apache-extra-directory-configuration - Extra configuration for the document root directory -# --apache-move-htaccess - Move .htaccess files to a common place so they can be loaded during Apache startup -# NGINX-specific flags: -# --nginx-additional-configuration - Additional server block configuration (no default) -# Returns: -# true if the configuration was enabled, false otherwise -######################## -ensure_web_server_prefix_configuration_exists() { - local app="${1:?missing app}" - shift - local -a apache_args nginx_args web_servers args_var - apache_args=("$app") - nginx_args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --allow-remote-connections \ - | --document-root \ - | --prefix \ - | --type \ - ) - apache_args+=("$1" "${2:?missing value}") - nginx_args+=("$1" "${2:?missing value}") - shift - ;; - - # Specific Apache flags - --apache-additional-configuration \ - | --apache-allow-override \ - | --apache-extra-directory-configuration \ - | --apache-move-htaccess \ - ) - apache_args+=("${1//apache-/}" "$2") - shift - ;; - - # Specific NGINX flags - --nginx-additional-configuration) - nginx_args+=("${1//nginx-/}" "$2") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - args_var="${web_server}_args[@]" - web_server_execute "$web_server" "ensure_${web_server}_prefix_configuration_exists" "${!args_var}" - done -} - -######################## -# Ensure a web server application configuration is updated with the runtime configuration (i.e. ports) -# It serves as a wrapper for the specific web server function -# Globals: -# * -# Arguments: -# $1 - App name -# Flags: -# --hosts - Host listen addresses -# --server-name - Server name -# --server-aliases - Server aliases -# --enable-http - Enable HTTP app configuration (if not enabled already) -# --enable-https - Enable HTTPS app configuration (if not enabled already) -# --disable-http - Disable HTTP app configuration (if not disabled already) -# --disable-https - Disable HTTPS app configuration (if not disabled already) -# --http-port - HTTP port number -# --https-port - HTTPS port number -# Returns: -# true if the configuration was updated, false otherwise -######################## -web_server_update_app_configuration() { - local app="${1:?missing app}" - shift - local -a args web_servers - args=("$app") - # Validate arguments - while [[ "$#" -gt 0 ]]; do - case "$1" in - # Common flags - --enable-http \ - | --enable-https \ - | --disable-http \ - | --disable-https \ - ) - args+=("$1") - ;; - --hosts \ - | --server-name \ - | --server-aliases \ - | --http-port \ - | --https-port \ - ) - args+=("$1" "${2:?missing value}") - shift - ;; - - *) - echo "Invalid command line flag $1" >&2 - return 1 - ;; - esac - shift - done - read -r -a web_servers <<< "$(web_server_list)" - for web_server in "${web_servers[@]}"; do - web_server_execute "$web_server" "${web_server}_update_app_configuration" "${args[@]}" - done -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_enable_loading_page() { - ensure_web_server_app_configuration_exists "__loading" --hosts "_default_" \ - --apache-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -RedirectMatch 503 ^/$ -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -ErrorDocument 404 /index.html -ErrorDocument 503 /index.html" \ - --nginx-additional-configuration " -# Show a HTTP 503 Service Unavailable page by default -location / { - return 503; -} -# Show index.html if server is answering with 404 Not Found or 503 Service Unavailable status codes -error_page 404 @installing; -error_page 503 @installing; -location @installing { - rewrite ^(.*)$ /index.html break; -}" - web_server_reload -} - -######################## -# Enable loading page, which shows users that the initialization process is not yet completed -# Globals: -# * -# Arguments: -# None -# Returns: -# None -######################### -web_server_disable_install_page() { - ensure_web_server_app_configuration_not_exists "__loading" - web_server_reload -} diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/install_packages b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/install_packages deleted file mode 100755 index acbc3173208c..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/install_packages +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -eu - -n=0 -max=2 -export DEBIAN_FRONTEND=noninteractive - -until [ $n -gt $max ]; do - set +e - ( - apt-get update -qq && - apt-get install -y --no-install-recommends "$@" - ) - CODE=$? - set -e - if [ $CODE -eq 0 ]; then - break - fi - if [ $n -eq $max ]; then - exit $CODE - fi - echo "apt failed, retrying" - n=$(($n + 1)) -done -apt-get clean && rm -rf /var/lib/apt/lists /var/cache/apt/archives diff --git a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/run-script b/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/run-script deleted file mode 100755 index 4ca0f897277e..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/prebuildfs/usr/sbin/run-script +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 -set -u - -if [ $# -eq 0 ]; then - >&2 echo "No arguments provided" - exit 1 -fi - -script=$1 -exit_code="${2:-96}" -fail_if_not_present="${3:-n}" - -if test -f "$script"; then - sh $script - - if [ $? -ne 0 ]; then - exit $((exit_code)) - fi -elif [ "$fail_if_not_present" = "y" ]; then - >&2 echo "script not found: $script" - exit 127 -fi diff --git a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongodb.conf.tpl b/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongodb.conf.tpl deleted file mode 100644 index 0a5dbe5765ed..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongodb.conf.tpl +++ /dev/null @@ -1,52 +0,0 @@ -# mongod.conf -# for documentation of all options, see: -# http://docs.mongodb.org/manual/reference/configuration-options/ - -# where and how to store data. -storage: - dbPath: {{MONGODB_DATA_DIR}}/db - journal: - enabled: {{MONGODB_DEFAULT_ENABLE_JOURNAL}} - directoryPerDB: {{MONGODB_DEFAULT_ENABLE_DIRECTORY_PER_DB}} - -# where to write logging data. -systemLog: - destination: file - quiet: {{MONGODB_DEFAULT_DISABLE_SYSTEM_LOG}} - logAppend: true - logRotate: reopen - path: {{MONGODB_LOG_DIR}}/mongodb.log - verbosity: {{MONGODB_DEFAULT_SYSTEM_LOG_VERBOSITY}} - -# network interfaces -net: - port: {{MONGODB_DEFAULT_PORT_NUMBER}} - unixDomainSocket: - enabled: true - pathPrefix: {{MONGODB_TMP_DIR}} - ipv6: {{MONGODB_DEFAULT_ENABLE_IPV6}} - bindIpAll: false - bindIp: 127.0.0.1 - -# replica set options -#replication: - #replSetName: {{MONGODB_DEFAULT_REPLICA_SET_NAME}} - #enableMajorityReadConcern: {{MONGODB_DEFAULT_ENABLE_MAJORITY_READ}} - -# sharding options -#sharding: - #clusterRole: - -# process management options -processManagement: - fork: false - pidFilePath: {{MONGODB_PID_FILE}} - -# set parameter options -setParameter: - enableLocalhostAuthBypass: true - -# security options -security: - authorization: disabled - #keyFile: replace_me diff --git a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongos.conf.tpl b/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongos.conf.tpl deleted file mode 100644 index 0edc1d4a8e65..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/mongodb/templates/mongos.conf.tpl +++ /dev/null @@ -1,38 +0,0 @@ -# mongod.conf -# for documentation of all options, see: -# http://docs.mongodb.org/manual/reference/configuration-options/ - -# where to write logging data. -systemLog: - destination: file - quiet: {{MONGODB_DEFAULT_DISABLE_SYSTEM_LOG}} - logAppend: true - logRotate: reopen - path: {{MONGODB_LOG_DIR}}/mongodb.log - verbosity: {{MONGODB_DEFAULT_SYSTEM_LOG_VERBOSITY}} - -# network interfaces -net: - port: {{MONGODB_DEFAULT_PORT_NUMBER}} - unixDomainSocket: - enabled: true - pathPrefix: {{MONGODB_TMP_DIR}} - ipv6: {{MONGODB_DEFAULT_ENABLE_IPV6}} - bindIpAll: false - bindIp: 127.0.0.1 - -# sharding options -sharding: - configDB: 127.0.0.1 - -security: - keyFile: {{MONGODB_KEY_FILE}} - -# process management options -processManagement: - fork: false - pidFilePath: {{MONGODB_PID_FILE}} - -# set parameter options -setParameter: - enableLocalhostAuthBypass: false diff --git a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/scripts/libmongodb-sharded.sh b/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/scripts/libmongodb-sharded.sh deleted file mode 100644 index 661d2077c846..000000000000 --- a/bitnami/mongodb-sharded/5.0/debian-11/rootfs/opt/bitnami/scripts/libmongodb-sharded.sh +++ /dev/null @@ -1,378 +0,0 @@ -#!/bin/bash -# Copyright VMware, Inc. -# SPDX-License-Identifier: APACHE-2.0 - -# -# Bitnami MongoDB library - -# shellcheck disable=SC1091 - -# Load Generic Libraries -. /opt/bitnami/scripts/liblog.sh -. /opt/bitnami/scripts/libvalidations.sh -. /opt/bitnami/scripts/libmongodb.sh - -######################## -# Get current status of the shard in the cluster -# Globals: -# MONGODB_* -# Arguments: -# $1 - Name of the replica set -# Returns: -# None -######################### -mongodb_sharded_shard_currently_in_cluster() { - local -r replicaset="${1:?node is required}" - local result - - result=$( - mongodb_execute_print_output "$MONGODB_ROOT_USER" "$MONGODB_ROOT_PASSWORD" "admin" "$MONGODB_MONGOS_HOST" "$MONGODB_MONGOS_PORT_NUMBER" <"$conf_file_path" -} - -######################## -# Change common logging settings -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_log_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - if ! mongodb_is_file_external "$conf_file_name"; then - if [[ -n "$MONGODB_DISABLE_SYSTEM_LOG" ]]; then - mongodb_config_apply_regex "quiet:.*" "quiet: $({ is_boolean_yes "$MONGODB_DISABLE_SYSTEM_LOG" && echo 'true'; } || echo 'false')" "$conf_file_path" - fi - if [[ -n "$MONGODB_SYSTEM_LOG_VERBOSITY" ]]; then - mongodb_config_apply_regex "verbosity:.*" "verbosity: $MONGODB_SYSTEM_LOG_VERBOSITY" "$conf_file_path" - fi - else - debug "$conf_file_name mounted. Skipping setting log settings" - fi -} - -######################## -# Change journaling setting -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_journal_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - local mongodb_conf - - if ! mongodb_is_file_external "$conf_file_name"; then - # Disable journal.enabled since it is not supported from 7.0 on - if [[ "$(mongodb_get_version)" =~ ^7\..\. ]]; then - mongodb_conf="$(sed '/journal:/,/enabled: .*/d' "$conf_file_path")" - echo "$mongodb_conf" >"$conf_file_path" - else - if [[ -n "$MONGODB_ENABLE_JOURNAL" ]]; then - mongodb_conf="$(sed -E "/^ *journal:/,/^ *[^:]*:/s/enabled:.*/enabled: $({ is_boolean_yes "$MONGODB_ENABLE_JOURNAL" && echo 'true'; } || echo 'false')/" "$conf_file_path")" - echo "$mongodb_conf" >"$conf_file_path" - fi - fi - else - debug "$conf_file_name mounted. Skipping setting log settings" - fi -} - -######################## -# Change common storage settings -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_storage_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - if ! mongodb_is_file_external "$conf_file_name"; then - if [[ -n "$MONGODB_ENABLE_DIRECTORY_PER_DB" ]]; then - mongodb_config_apply_regex "directoryPerDB:.*" "directoryPerDB: $({ is_boolean_yes "$MONGODB_ENABLE_DIRECTORY_PER_DB" && echo 'true'; } || echo 'false')" "$conf_file_path" - fi - else - debug "$conf_file_name mounted. Skipping setting storage settings" - fi -} - -######################## -# Change common network settings -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_net_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - if ! mongodb_is_file_external "$conf_file_name"; then - if [[ -n "$MONGODB_PORT_NUMBER" ]]; then - mongodb_config_apply_regex "port:.*" "port: $MONGODB_PORT_NUMBER" "$conf_file_path" - fi - if [[ -n "$MONGODB_ENABLE_IPV6" ]]; then - mongodb_config_apply_regex "ipv6:.*" "ipv6: $({ is_boolean_yes "$MONGODB_ENABLE_IPV6" && echo 'true'; } || echo 'false')" "$conf_file_path" - fi - else - debug "$conf_file_name mounted. Skipping setting port and IPv6 settings" - fi -} -######################## -# Change bind ip address to 0.0.0.0 -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_listen_all_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - if ! mongodb_is_file_external "$conf_file_name"; then - mongodb_config_apply_regex "#?bindIp:.*" "#bindIp:" "$conf_file_path" - mongodb_config_apply_regex "#?bindIpAll:.*" "bindIpAll: true" "$conf_file_path" - else - debug "$conf_file_name mounted. Skipping IP binding to all addresses" - fi -} - -######################## -# Disable javascript -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_disable_javascript_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - if ! mongodb_is_file_external "$conf_file_name"; then - mongodb_config_apply_regex "#?security:" "security:\n javascriptEnabled: false" "$conf_file_path" - else - debug "$conf_file_name mounted. Skipping disabling javascript" - fi -} - -######################## -# Enable Auth -# Globals: -# MONGODB_* -# Arguments: -# None -# Return -# None -######################### -mongodb_set_auth_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - local authorization - - if ! mongodb_is_file_external "$conf_file_name"; then - if [[ -n "$MONGODB_ROOT_PASSWORD" ]] || [[ -n "$MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD" ]] || [[ -n "$MONGODB_PASSWORD" ]]; then - authorization="$(yq eval .security.authorization "$MONGODB_CONF_FILE")" - if [[ "$authorization" = "disabled" ]]; then - - info "Enabling authentication..." - # TODO: replace 'sed' calls with 'yq' once 'yq write' does not remove comments - mongodb_config_apply_regex "#?authorization:.*" "authorization: enabled" "$conf_file_path" - mongodb_config_apply_regex "#?enableLocalhostAuthBypass:.*" "enableLocalhostAuthBypass: false" "$conf_file_path" - fi - fi - else - debug "$conf_file_name mounted. Skipping authorization enabling" - fi -} - -######################## -# Enable ReplicaSetMode -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_set_replicasetmode_conf() { - local -r conf_file_path="${1:-$MONGODB_CONF_FILE}" - local -r conf_file_name="${conf_file_path#"$MONGODB_CONF_DIR"}" - - if ! mongodb_is_file_external "$conf_file_name"; then - mongodb_config_apply_regex "#?replication:.*" "replication:" "$conf_file_path" - mongodb_config_apply_regex "#?replSetName:" "replSetName:" "$conf_file_path" - mongodb_config_apply_regex "#?enableMajorityReadConcern:.*" "enableMajorityReadConcern:" "$conf_file_path" - if [[ -n "$MONGODB_REPLICA_SET_NAME" ]]; then - mongodb_config_apply_regex "replSetName:.*" "replSetName: $MONGODB_REPLICA_SET_NAME" "$conf_file_path" - fi - if [[ -n "$MONGODB_ENABLE_MAJORITY_READ" ]]; then - mongodb_config_apply_regex "enableMajorityReadConcern:.*" "enableMajorityReadConcern: $({ (is_boolean_yes "$MONGODB_ENABLE_MAJORITY_READ" || [[ "$(mongodb_get_version)" =~ ^5\..\. ]]) && echo 'true'; } || echo 'false')" "$conf_file_path" - fi - else - debug "$conf_file_name mounted. Skipping replicaset mode enabling" - fi -} - -######################## -# Create a MongoDB user and provide read/write permissions on a database -# Globals: -# MONGODB_ROOT_PASSWORD -# Arguments: -# $1 - Name of user -# $2 - Password for user -# $3 - Name of database (empty for default database) -# Returns: -# None -######################### -mongodb_create_user() { - local -r user="${1:?user is required}" - local -r password="${2:-}" - local -r database="${3:-}" - local query - - if [[ -z "$password" ]]; then - warn "Cannot create user '$user', no password provided" - return 0 - fi - # Build proper query (default database or specific one) - query="db.getSiblingDB('$database').createUser({ user: '$user', pwd: '$password', roles: [{role: 'readWrite', db: '$database'}] })" - [[ -z "$database" ]] && query="db.getSiblingDB(db.stats().db).createUser({ user: '$user', pwd: '$password', roles: [{role: 'readWrite', db: db.getSiblingDB(db.stats().db).stats().db }] })" - # Create user, discarding mongo CLI output for clean logs - info "Creating user '$user'..." - mongodb_execute "$MONGODB_ROOT_USER" "$MONGODB_ROOT_PASSWORD" "" "127.0.0.1" <<<"$query" -} - -######################## -# Create the appropriate users -# Globals: -# MONGODB_* -# Arguments: -# None -# Returns: -# None -######################### -mongodb_create_users() { - info "Creating users..." - - if [[ -n "$MONGODB_ROOT_PASSWORD" ]] && ! [[ "$MONGODB_REPLICA_SET_MODE" =~ ^(secondary|arbiter|hidden) ]]; then - info "Creating $MONGODB_ROOT_USER user..." - mongodb_execute "" "" "" "127.0.0.1" <"$MONGODB_KEY_FILE" - - chmod 600 "$MONGODB_KEY_FILE" - - if am_i_root; then - configure_permissions "$MONGODB_KEY_FILE" "$MONGODB_DAEMON_USER" "$MONGODB_DAEMON_GROUP" "" "600" - else - chmod 600 "$MONGODB_KEY_FILE" - fi - else - debug "keyfile mounted. Skipping keyfile generation" - fi -} - -######################## -# Get if primary node is initialized -# Globals: -# MONGODB_* -# Arguments: -# $1 - node -# $2 - port -# Returns: -# None -######################### -mongodb_is_primary_node_initiated() { - local node="${1:?node is required}" - local port="${2:?port is required}" - local result - result=$( - mongodb_execute_print_output "$MONGODB_ROOT_USER" "$MONGODB_ROOT_PASSWORD" "admin" "127.0.0.1" "$MONGODB_PORT_NUMBER" < m.name === '$node:$port' && m.stateStr === 'SECONDARY').length === 1 -EOF - ) - debug "$result" - - grep -q "true" <<<"$result" -} - -######################## -# Grant voting rights to secondary node -# Globals: -# MONGODB_* -# Arguments: -# $1 - node -# $2 - port -# Returns: -# Boolean -######################### -mongodb_configure_secondary_node_voting() { - local -r node="${1:?node is required}" - local -r port="${2:?port is required}" - - debug "Granting voting rights to the node" - local reconfig_cmd="rs.reconfigForPSASet(member, cfg)" - [[ "$(mongodb_get_version)" =~ ^4\.(0|2)\. ]] && reconfig_cmd="rs.reconfig(cfg)" - result=$( - mongodb_execute_print_output "$MONGODB_INITIAL_PRIMARY_ROOT_USER" "$MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD" "admin" "$MONGODB_INITIAL_PRIMARY_HOST" "$MONGODB_INITIAL_PRIMARY_PORT_NUMBER" < m.host === '$node:$port') -cfg.members[member].priority = 1 -cfg.members[member].votes = 1 -$reconfig_cmd -EOF - ) - debug "$result" - - grep -q "ok: 1" <<<"$result" -} - -######################## -# Get if hidden node is pending -# Globals: -# MONGODB_* -# Arguments: -# $1 - node -# $2 - port -# Returns: -# Boolean -######################### -mongodb_is_hidden_node_pending() { - local node="${1:?node is required}" - local port="${2:?port is required}" - local result - - mongodb_set_dwc - - debug "Adding hidden node ${node}:${port}" - result=$( - mongodb_execute_print_output "$MONGODB_INITIAL_PRIMARY_ROOT_USER" "$MONGODB_INITIAL_PRIMARY_ROOT_PASSWORD" "admin" "$MONGODB_INITIAL_PRIMARY_HOST" "$MONGODB_INITIAL_PRIMARY_PORT_NUMBER" <